Static task: static1
Behavioral task: behavioral1
Sample: 2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118
Size: 300KB
MD5: 2e0727da9701df8f5165f2a971ffeebb
SHA1: 711f3e445816963464e699d18396ab84ca098f3b
SHA256: a7390fce28f1cfd7ad52b95ba58b90fec3e7d448bfb9bb4b3d42210ad275d088
SHA512: dcaa7969e29b687a108c48847e00a739ee5357d908022ad082be9cd7e93672a3bd48b3ed4fe8578b52a64646e6113ce93b49de6e3e0ffc85c1fabbc343221e02
SSDEEP: 6144:Y+SoZpxAdKesXqP8IKdWX8HkYkAAIKHmt8Sx9uGsWWr7Wo74p:VS8hza2Xsmtb91sWyl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118
Files
2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118.exe windows:4 windows x86 arch:x86
5e5837e02df7c5623677a36f8dd1fb4d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
VirtualProtect
SetConsoleTitleA
GetCommandLineA
ExitProcess
user32
GetDlgItemInt
SetMenuItemInfoA
GetWindowRgn
GetClipboardOwner
InsertMenuItemA
SetDlgItemInt
GetKeyboardLayoutNameW
LoadIconW
GetScrollBarInfo
GetAsyncKeyState
GetMenuItemInfoA
gdi32
GetStockObject
MaskBlt
StartDocA
GetROP2
GetPaletteEntries
ScaleViewportExtEx
CreateRectRgnIndirect
comdlg32
GetSaveFileNameA
GetOpenFileNameW
PrintDlgA
ChooseFontA
advapi32
RegisterServiceCtrlHandlerW
RegRestoreKeyA
RegSetValueW
EnumServicesStatusA
SetPrivateObjectSecurity
QueryServiceLockStatusW
RegQueryValueA
ImpersonateNamedPipeClient
RegisterEventSourceA
CryptGetUserKey
RegCloseKey
GetNamedSecurityInfoW
ChangeServiceConfigA
DeleteAce
CryptDeriveKey
StartServiceCtrlDispatcherA
RegSetValueExW
LookupPrivilegeNameA
CryptVerifySignatureW
LookupAccountSidA
RegRestoreKeyW
ImpersonateSelf
RegisterEventSourceW
CryptAcquireContextW
CryptSetKeyParam
GetSecurityDescriptorOwner
RegQueryInfoKeyA
GetAce
StartServiceW
SetSecurityInfo
CryptReleaseContext
GetCurrentHwProfileW
RegGetKeySecurity
IsValidAcl
GetSecurityDescriptorSacl
CryptSignHashW
GetLengthSid
CryptHashData
RegNotifyChangeKeyValue
shell32
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHBrowseForFolderA
SHGetPathFromIDListW
ole32
IsAccelerator
CoQueryClientBlanket
StgOpenStorage
BindMoniker
CoInitializeSecurity
DoDragDrop
oleaut32
VariantChangeType
VariantChangeTypeEx
SafeArrayGetElement
VariantInit
QueryPathOfRegTypeLi
setupapi
SetupInstallServicesFromInfSectionA
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
Sections
.text Size: 280KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE