Static task: static1
Behavioral task: behavioral1
Sample: 66edf3736f90448f0730a20af40fadce_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 66edf3736f90448f0730a20af40fadce_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 66edf3736f90448f0730a20af40fadce_JaffaCakes118
Size: 528KB
MD5: 66edf3736f90448f0730a20af40fadce
SHA1: fac8f26e922cddd18d76a3b47ef2a08e02544168
SHA256: 45f73616e5d257d2424fe19c231bb3989ad47d75dc5d9f47324407bf29a54821
SHA512: 4a02bb768b825c0203e5c4fd545f80122021e4ea3c99154529691a382b3703d98676039d0b38a75473561a89ba42fe0786e81a8f0428056891cbf1564c579485
SSDEEP: 12288:dqUOEcaYRjbKLQKFys8z0J8WoVg2GSYtmifvNQl4lpimE9:pFpQKphDoO2GztmIm+p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 66edf3736f90448f0730a20af40fadce_JaffaCakes118
Files
66edf3736f90448f0730a20af40fadce_JaffaCakes118.exe windows:4 windows x86 arch:x86
19cc86fbdce500e703d38d0daa3792f5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
GetVersion
LoadLibraryA
VirtualAlloc
VirtualProtect
GetACP
lstrlenA
lstrcatA
lstrcat
GetConsoleAliasesA
CreateDirectoryA
GetCurrentThreadId
shell32
SHCreateStdEnumFmtEtc
AppCompat_RunDLLW
InternalExtractIconListA
winspool.drv
DevQueryPrint
AddPrinterDriverA
imagehlp
ImageLoad
MakeSureDirectoryPathExists
MapDebugInformation
SymRegisterCallback
version
VerQueryValueW
VerQueryValueA
gdi32
GetDCOrgEx
SetBitmapBits
OffsetRgn
ResetDCW
CreateRectRgnIndirect
Sections
.text Size: 491KB - Virtual size: 491KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE