Static task
static1
Behavioral task
behavioral1
Sample
96f3866beb042ee6e80458c2af765b3c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
96f3866beb042ee6e80458c2af765b3c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
96f3866beb042ee6e80458c2af765b3c_JaffaCakes118
Size
3.4MB
MD5
96f3866beb042ee6e80458c2af765b3c
SHA1
04b4804a664980e8d31516e08c76419d174a55c2
SHA256
bdffe348ce6c6c6c9066dfae477a43fcd8813f59d8b79df6c0a567470f92c4db
SHA512
76fae3256254c4e4680ee61fe54b45f4188eda116d3870015d993463cea199200a51e9ecb459988cd15503a20ed4b7e3982ec8b7e33bd07ae58fecb1db5d98db
SSDEEP
98304:nsN0hy1JpR+N+o4ERU9rr3ainosq+WA9iACaS8mg:nCb1XR+NXonqinosv9iACaJJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 96f3866beb042ee6e80458c2af765b3c_JaffaCakes118
Files
96f3866beb042ee6e80458c2af765b3c_JaffaCakes118.exe windows:4 windows x86 arch:x86
885de724d30cde6eae22f7699b956a7a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
ExitProcess
GetCurrentProcess
CloseHandle
CreateFileA
LCMapStringA
user32
wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA
CreateWindowExA
advapi32
RegQueryValueA
RegCreateKeyA
RegEnumValueA
RegSetValueA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegCloseKey
RegOpenKeyA
Sections
.text Size: 4KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ