Static task
static1
Behavioral task
behavioral1
Sample
278fdd53699cfaa1bd97efbcd4272e0b_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
278fdd53699cfaa1bd97efbcd4272e0b_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
278fdd53699cfaa1bd97efbcd4272e0b_JaffaCakes118
Size
48KB
MD5
278fdd53699cfaa1bd97efbcd4272e0b
SHA1
f9a0000b23e3053842b25da5ab232463aa7fedf0
SHA256
36d252f66320c67e2d2f3d503159bf5eeded81f8c0b5e31bf384b283f0f857d1
SHA512
b480a641596a338c673e4cd0579bff17fdcb892cf67ab3a15be2ae04b9d87943ad27a6ae899a0fd54ee179cdc785d2c86dff65efafb727ddc0d5f35fb1cdf901
SSDEEP
384:LWII8FopzV1fRiJ2yH3RkvZDXF4aCcA+1m1ig/a9BHWPR:Lo8wJ5Gd3mxpvNm1tg2p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 278fdd53699cfaa1bd97efbcd4272e0b_JaffaCakes118
Files
278fdd53699cfaa1bd97efbcd4272e0b_JaffaCakes118.exe windows:4 windows x86 arch:x86
4297ec9e0fb23c4a9fe631ab6f1989b8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
crtdll
memset
strcpy
memcpy
strlen
strncpy
strcat
kernel32
GetModuleHandleA
HeapCreate
GetTempPathA
GetModuleFileNameA
HeapDestroy
ExitProcess
CreateFileA
ReadFile
HeapFree
HeapAlloc
CloseHandle
CopyFileA
GetDriveTypeA
FindFirstFileA
FindClose
DeleteFileA
WriteFile
SetFilePointer
HeapReAlloc
MultiByteToWideChar
ole32
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
SysAllocString
Sections
VBS000 Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
VBS001 Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
VBS002 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE