Static task
static1
Behavioral task
behavioral1
Sample
07336d4e53a0d4fc64601e0763b2940d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
07336d4e53a0d4fc64601e0763b2940d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
07336d4e53a0d4fc64601e0763b2940d_JaffaCakes118
Size
126KB
MD5
07336d4e53a0d4fc64601e0763b2940d
SHA1
483009aa16dd9810e836b7e3450ca6d3b6d0d2e1
SHA256
b1795c131517b9d94c5b539ab622ce0ba79e102166c36c71eb53b994700e8dc3
SHA512
2484c58bfd84f62446bae1944a70627631e0819966ee58d44d884e6c7d4ad72e615a62e07ea2d30bfd273b75460805feca7388ddc028c4d5094b851b95b7b4e7
SSDEEP
3072:Rk7XtRg6scUQGwsyW9z6a+I64NYrXJskSu3oGY3fcg:R8zg6scUQX9YKDeSJdrJAfl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 07336d4e53a0d4fc64601e0763b2940d_JaffaCakes118
Files
07336d4e53a0d4fc64601e0763b2940d_JaffaCakes118.exe windows:4 windows x86 arch:x86
5c709a1a2b8e99f27c66bfcc0f34be20
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateDirectoryA
SetUnhandledExceptionFilter
ReleaseMutex
CreateMutexA
CreateThread
GetCurrentThreadId
GetStartupInfoA
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetProcessHeap
HeapAlloc
HeapFree
GetTempPathA
SetFilePointer
ReadFile
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcatA
GetLastError
SetLastError
lstrcmpiA
lstrcpyA
FindResourceA
LoadResource
CreateFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetWindowsDirectoryA
SetFileTime
SizeofResource
lstrlenA
MultiByteToWideChar
Sleep
ExitProcess
GetCommandLineA
user32
PostQuitMessage
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
wsprintfA
SendMessageA
advapi32
AddAccessAllowedAce
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
EqualSid
SetSecurityDescriptorDacl
SetFileSecurityA
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
RegSetValueExA
GetFileSecurityA
LookupAccountNameA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
InitializeSecurityDescriptor
msvcrt
_acmdln
_stricmp
_strnset
_strrev
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
strtok
??2@YAPAXI@Z
strchr
__CxxFrameHandler
??3@YAXPAX@Z
_except_handler3
strstr
realloc
malloc
_CxxThrowException
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
__getmainargs
_initterm
__setusermatherr
iphlpapi
AddIPAddress
GetInterfaceInfo
ws2_32
inet_addr
WSAStartup
WSACleanup
gethostbyname
inet_ntoa
Sections
.data Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 111KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ