Static task
static1
Behavioral task
behavioral1
Sample
8af0c45d65ed18d6188995eb2bc7df95_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
8af0c45d65ed18d6188995eb2bc7df95_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
8af0c45d65ed18d6188995eb2bc7df95_JaffaCakes118
-
Size
254KB
-
MD5
8af0c45d65ed18d6188995eb2bc7df95
-
SHA1
2092e4ff6e54c098578db36dac5f3073cecd15bd
-
SHA256
1fdf61cec372593563852f751744440b29f25f4a22afd4962e47ab80d14c69aa
-
SHA512
1051daaee1b8255cadadffcb67cf7f124ca59e2d0abe5821e03fdba9a87a7b82786a7c68c9be8dfd24a11512bf85b98bea3fd2765c7c93db201b76d889aa2fe5
-
SSDEEP
6144:tyxmkm3OV8dBuHXo3vcxNo0N3+wdjAvOxoVnNLmVf+NPVi5v:Q0eABuYkxNn3aHVN1i5v
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8af0c45d65ed18d6188995eb2bc7df95_JaffaCakes118
Files
-
8af0c45d65ed18d6188995eb2bc7df95_JaffaCakes118.exe windows:5 windows x86 arch:x86
cb7ca6460e9b45e78e688d06c0cf5c48
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
msvcrt
abs
advapi32
RegEnumKeyA
shell32
SHGetMalloc
shlwapi
UrlCombineW
ole32
CoGetMalloc
oleaut32
SysAllocStringByteLen
mpr
WNetGetConnectionW
winmm
mmioRead
avifil32
AVIFileExit
version
VerQueryValueW
wininet
InternetCrackUrlA
user32
SetTimer
urlmon
CreateURLMoniker
Sections
.MPRESS1 Size: 248KB - Virtual size: 772KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE