Static task
static1
Behavioral task
behavioral1
Sample
172e3dde1ebb5b3004b91519e1d6b125_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
172e3dde1ebb5b3004b91519e1d6b125_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
172e3dde1ebb5b3004b91519e1d6b125_JaffaCakes118
-
Size
15KB
-
MD5
172e3dde1ebb5b3004b91519e1d6b125
-
SHA1
c7316e603a9ef7494c6bff6ff205f4c0642b019f
-
SHA256
6183315d1f4121fb4684485ced2ee1cdbd21c3acef5826323dc39a5c2d6c39b7
-
SHA512
ac5f1676cbd901a8e964222ec46a303a64795cc379b4462fc0b1ae4453feca4b6210870695cfa32c301251b4fcb9eedbd97bfb49a534f76be7c93d78ed009f32
-
SSDEEP
384:/yPX9Hf+8RZIU1HyQy+PEltYAQ5xQw3p7n:/cxm83I3AEbYAg+wBn
Malware Config
Signatures
-
Unsigned PE 1 IoCs
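Checks for a missing Authenticode signature. On its own this is a weak indicator, since many legitimate executables are also unsigned; weigh it together with the header, import and section details listed under Files.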
resource 172e3dde1ebb5b3004b91519e1d6b125_JaffaCakes118
Files
-
172e3dde1ebb5b3004b91519e1d6b125_JaffaCakes118.exe windows:4 windows x86 arch:x86
d944f2974eee4a1459cf73a35e50e409
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
mfc42
ord823
msvcrt
rand
user32
wsprintfA
comdlg32
GetFileTitleA
advapi32
RegCloseKey
ws2_32
sendto
urlmon
URLDownloadToFileA
Sections
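.text Size: 10KB - Virtual size: 272KB (the virtual size is roughly 27 times the raw size, and the flags below mark the section as both writable and executable; this layout is typical of a packed or self-unpacking image, so the on-disk imports and strings may not reflect what runs in memory)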
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
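jtdX0Eq0 Size: 2KB - Virtual size: 1KB (non-standard section name; it is not one of the names a common compiler or linker emits by default)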
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 524B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ