Static task
static1
Behavioral task
behavioral1
Sample
1a5b4abc3a491c7ef1c2785f41387ef4_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target
1a5b4abc3a491c7ef1c2785f41387ef4_JaffaCakes118
Size
187KB
MD5
1a5b4abc3a491c7ef1c2785f41387ef4
SHA1
cb8feccc82a9354510f1e58d62baeef937e97421
SHA256
45766b2615ff6845bf568615bcd46cb26ef149ba0807cb08e4154e33b6252ef3
SHA512
30f0a73fcae8bc5d05ac8cecea19137a75c72bf795d0daea1b4bdfa0841e6c203b783ff8684d92b81ef7faf159ef1d32646c99557090076056b62fa23af11867
SSDEEP
3072:NgIAiiF+283/pGIioIDwpAL7QwH6ttAIk5YnlizBcDwYkQVWek9fsk5n91FUjsIj:NJDAXoOJ04YlXqQseofxn9HUQ/m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1a5b4abc3a491c7ef1c2785f41387ef4_JaffaCakes118
Files
1a5b4abc3a491c7ef1c2785f41387ef4_JaffaCakes118.exe windows:4 windows x86 arch:x86
91d417c93cf64e8b4dcbe8cd1d9e2c4c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDateFormatA
IsValidCodePage
SetStdHandle
GlobalGetAtomNameA
GetTimeFormatA
HeapSize
MultiByteToWideChar
VirtualAlloc
GetOEMCP
GetLocaleInfoA
TlsGetValue
EnumResourceNamesA
TlsSetValue
RtlUnwind
GetConsoleOutputCP
HeapReAlloc
CreateDirectoryExA
GetCPInfo
WriteConsoleA
TlsAlloc
GetACP
SetFilePointer
RaiseException
rpcrt4
RpcStringFreeA
user32
DispatchMessageW
PeekMessageA
MessageBoxA
LoadStringA
CharNextA
DispatchMessageA
GetDesktopWindow
wsprintfA
shell32
SHGetSpecialFolderLocation
ShellExecuteA
SHGetDesktopFolder
DragAcceptFiles
SHGetFileInfoA
SHGetPathFromIDListA
SHGetMalloc
SHAppBarMessage
ShellExecuteExA
SHBrowseForFolderA
Shell_NotifyIconA
Sections
.text Size: 88KB - Virtual size: 228KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ