Static task
static1
Behavioral task
behavioral1
Sample
08a342b851a519c91df2be77a3031acc_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
08a342b851a519c91df2be77a3031acc_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
08a342b851a519c91df2be77a3031acc_JaffaCakes118
-
Size
19KB
-
MD5
08a342b851a519c91df2be77a3031acc
-
SHA1
dc73e8883b91535688de3d667d69bd28fb0d0077
-
SHA256
b954ff1ba281b949bb2e19a4d4c42b4d90dd92088169058fd9e54b184a645536
-
SHA512
8c3d26bc9e650938704e82048bad31710901e7531b7b1f6fca78e62a5fa4b00e4eae621f2994117fc615ef78c05e190547e685e90a8aced83db8d978305f339b
-
SSDEEP
192:dNt9ufyomS7rQ2nEzqM2jRb2nMWuIeuJxdyBZ8yu9v02mvMJTLMART01NOr:99uSSoqhjJ2n5MuLRX9vEEEc01g
Malware Config
Signatures
Files
-
08a342b851a519c91df2be77a3031acc_JaffaCakes118.exe windows:4 windows x86 arch:x86
d49e0b77addd086ebc177ace5611371f
Code Sign
64:31:ae:4a:17:5f:6d:63:bd:a7:d5:c0:fa:69:ef:3f
Certificate
Issuer
CN=Aariawaqeaworoq
Not Before
15-03-2012 10:09
Not After
31-12-2039 23:59
Subject
CN=Aariawaqeaworoq
4a:85:53:2d:7f:d8:81:03:c6:e1:2a:ba:4c:ad:3c:63:2d:fd:8c:f0
Signer
Actual PE Digest
4a:85:53:2d:7f:d8:81:03:c6:e1:2a:ba:4c:ad:3c:63:2d:fd:8c:f0
Digest Algorithm
sha1
PE Digest Matches
true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
Sleep
VirtualFree
LoadLibraryA
user32
UpdateWindow
DispatchMessageA
ShowWindow
RegisterClassExA
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 330B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 256B - Virtual size: 138B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ