Static task
static1
Behavioral task
behavioral1
Sample
277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118
Size
115KB
MD5
277d2be6c105b5bbcf6e80343b687f21
SHA1
194f27f278288e8f7fa43ae873a816009f79cdf2
SHA256
4d6dc62ecca320c690039914d27b487222cb0cdc9f859d1a4a1b5a234cd35943
SHA512
8aa29d9d0622456eb637bf11afa44180dfbdcd4394bd42e00bb640e0e5f7ac0ba29df2a61a8061169375bdec3ad1c9a7be3d4bc21f9160de5177a423e8f7dde6
SSDEEP
3072:tDPBwaL2AiA5EBPnBpHYftFxjfuR9ZB5i6gB0OK6MPZn:tWailA5EBPMxjqZfi6gB9K6MPV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118
Files
277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118.exe windows:4 windows x86 arch:x86
5201d8ef5f971c3012b111a5d3720f1f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThread
EnumSystemLanguageGroupsA
GetOEMCP
GetProcessShutdownParameters
HeapFree
lstrcpynA
Module32NextW
FreeConsole
FindVolumeMountPointClose
GetHandleInformation
FillConsoleOutputCharacterA
FindNextVolumeMountPointA
GlobalGetAtomNameW
GetConsoleScreenBufferInfo
GetFileSize
LoadResource
CreateTimerQueueTimer
GetConsoleAliasW
GetCommandLineA
ExitProcess
GetStartupInfoA
Sections
.text Size: 5KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE