Static task
static1
Behavioral task
behavioral1
Sample
28b2713f0d48fe9e28e512b39853de33_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
28b2713f0d48fe9e28e512b39853de33_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
28b2713f0d48fe9e28e512b39853de33_JaffaCakes118
-
Size
83KB
-
MD5
28b2713f0d48fe9e28e512b39853de33
-
SHA1
d33d48335ed349fe2f60eaa1e22e49ff3c813c0b
-
SHA256
8d87cfce3c1b7ec1129809f7e39bd2ba73202006e5482434090e27ad0c40b4b7
-
SHA512
aaa879952f0f72a91da9b16808e5069b70ecacc5224cf9e2ac1c942a2d0c35a59777b36f502d772032624225e6305df507ac4b16ed2d51638033f4e3422606c6
-
SSDEEP
1536:c/1Pd2dRJ3/zLdNi4hD9HWg1eMEbEaOt/1OKEnE0PIDh1SLLR3:cNPdU/l1hD9HWgDEE5Enah4LLR3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 28b2713f0d48fe9e28e512b39853de33_JaffaCakes118
Files
-
28b2713f0d48fe9e28e512b39853de33_JaffaCakes118.exe windows:5 windows x86 arch:x86
221e73b01540572ded47944b17175d55
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__getmainargs
malloc
_adjust_fdiv
_except_handler3
free
__setusermatherr
fwrite
atoi
calloc
exit
fclose
_initterm
_acmdln
_exit
strlen
_cexit
_onexit
__p__commode
strcpy
fprintf
fopen
__set_app_type
strcmp
__p__fmode
signal
sin
_XcptFilter
__p__environ
_vsnprintf
user32
GetDesktopWindow
kernel32
GetModuleHandleW
GetStartupInfoA
Sections
.text Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ