Static task
static1
Behavioral task
behavioral1
Sample
247f374f85711631e71799306875ed2c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
247f374f85711631e71799306875ed2c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
247f374f85711631e71799306875ed2c_JaffaCakes118
Size
111KB
MD5
247f374f85711631e71799306875ed2c
SHA1
3ad292fb6e063e58180a7743e33c72d0ab7255c4
SHA256
f9ac813a4ec5241ebc32ae10703d05c185f138fa944f8711f6df9cf575de1791
SHA512
2ff34f4879b08e7a89f2a376d96c1f353410c42c0017eda9141233465e12ff48ce66539cc7c245613f9a3d64ed742e0ef4fea4371b60fa63a14f1c882f35f040
SSDEEP
3072:r2opikaNaSPUpxTxYmw4ysC2cXKJzWCwgfEEt+:iMNaA+Updumw48aJKWfEE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 247f374f85711631e71799306875ed2c_JaffaCakes118
Files
247f374f85711631e71799306875ed2c_JaffaCakes118.exe windows:5 windows x86 arch:x86
8b91a86fcbd14bdda12e029368311768
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetDriveTypeA
GetUserDefaultLCID
GetShortPathNameA
GetModuleFileNameA
GetModuleHandleA
MoveFileA
GetExitCodeProcess
GetStartupInfoA
MultiByteToWideChar
VirtualProtect
FormatMessageA
IsBadWritePtr
user32
RedrawWindow
GetSysColor
DrawIconEx
LoadStringA
AdjustWindowRectEx
SetScrollPos
GetMenuItemCount
DrawTextA
RemovePropA
GetDC
IsWindowVisible
msvcrt
sqrt
fseek
free
_initterm
__getmainargs
__p__fmode
__setusermatherr
__p__commode
_purecall
strtoul
__badioinfo
_acmdln
__set_app_type
_except_handler3
iswdigit
exit
_wcsicmp
_XcptFilter
_adjust_fdiv
advapi32
DeregisterEventSource
QueryServiceStatus
RegDeleteKeyW
FreeSid
CryptCreateHash
RegCreateKeyExA
EqualSid
ole32
CreateBindCtx
CoInitializeSecurity
CLSIDFromString
CreateItemMoniker
CoGetClassObject
CoUninitialize
CoRegisterClassObject
CoLoadLibrary
OleSetClipboard
CLSIDFromProgID
ProgIDFromCLSID
RevokeDragDrop
oleaut32
SafeArrayPutElement
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
VariantCopyInd
SetErrorInfo
SafeArrayPtrOfIndex
GetActiveObject
comctl32
ImageList_EndDrag
CreateToolbarEx
PropertySheetW
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Destroy
ImageList_DragLeave
ImageList_BeginDrag
shell32
FindExecutableW
SHGetSpecialFolderPathA
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteA
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ