Yzlzl
bakleqmhxsYjnk
eemQpzMMV
hpgrCbuadnim
iohiaAfawormdXcho
mywxoludr
oJilxyvscfmdjbxpcC
okyxXfZfhpLFqofEp
pbygtuUMwqaxsnnlv
rmtXsw
tBcdzqkoc
vcqptNooPjGx
vrsqD
yfyvBYdbwkl
Static task
static1
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Setup.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
run.exe
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
run.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral5
Sample
Setup.exe
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
Setup.exe
Resource
win10v2004-20240704-en
Target
30991fa69e7b8d10bab04e9b9c5f9be0_JaffaCakes118
Size
4.1MB
MD5
30991fa69e7b8d10bab04e9b9c5f9be0
SHA1
23f9881aaad62925433b651861ca984d2e38dd41
SHA256
7f644c63b4ae76c1437cd408a26d1fcca96aea60e80fd82f3d2e0a210740f838
SHA512
07943c722672225784e0535a29cbcad9fda64d07e0931bee138d4421c40f2bce2bab2eac1b064a4b12b72f52a7a6875cbedeeaa281b8888c55affd7c07f74e6c
SSDEEP
98304:o8qT531SSpHc4B5fKh4EBt/Px0YBGL9B6dwDJyXnXHGPpN/:BqTWI8ckBm4GJwdMJsGN/
Checks for missing Authenticode signature.
resource |
---|
unpack002/Setup.exe |
unpack003/run.exe |
unpack004/Setup.exe |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
EnterCriticalPolicySection
RegisterGPNotification
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
VerInstallFileW
data_size_ndr
RpcSmSwapClientAllocFree
RpcServerUseProtseqEpA
RpcServerUseAllProtseqsIf
RpcServerUnregisterIf
RpcNetworkIsProtseqValidA
MesHandleFree
CStdStubBuffer_AddRef
WinExec
WaitNamedPipeW
VirtualFree
VirtualAlloc
VerLanguageNameA
UnlockFileEx
SetVolumeMountPointW
SetUnhandledExceptionFilter
SetLastError
SetComputerNameA
OpenMutexA
CallNamedPipeW
ConvertThreadToFiber
CreateNamedPipeW
EnterCriticalSection
EnumTimeFormatsA
ExitProcess
FindResourceA
GetACP
GetCPInfo
GetCommandLineA
GetNamedPipeHandleStateW
GlobalDeleteAtom
HeapAlloc
IsProcessorFeaturePresent
LocalFlags
_ismbcprint
_ultow
_wcslwr
atan2
_finite
iswgraph
localtime
_expand
_exit
_XcptFilter
_heapchk
RtlNtStatusToDosError
RtlQueryTimeZoneInformation
RtlSetAttributesSecurityDescriptor
RtlStartRXact
RtlpNtSetValueKey
ZwFindAtom
RtlInitializeCriticalSection
RtlCompareUnicodeString
NtReplyPort
RtlNewSecurityGrantedAccess
Yzlzl
bakleqmhxsYjnk
eemQpzMMV
hpgrCbuadnim
iohiaAfawormdXcho
mywxoludr
oJilxyvscfmdjbxpcC
okyxXfZfhpLFqofEp
pbygtuUMwqaxsnnlv
rmtXsw
tBcdzqkoc
vcqptNooPjGx
vrsqD
yfyvBYdbwkl
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
EnterCriticalPolicySection
RegisterGPNotification
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
VerInstallFileW
data_size_ndr
RpcSmSwapClientAllocFree
RpcServerUseProtseqEpA
RpcServerUseAllProtseqsIf
RpcServerUnregisterIf
RpcNetworkIsProtseqValidA
MesHandleFree
CStdStubBuffer_AddRef
WinExec
WaitNamedPipeW
VirtualFree
VirtualAlloc
VerLanguageNameA
UnlockFileEx
SetVolumeMountPointW
SetUnhandledExceptionFilter
SetLastError
SetComputerNameA
OpenMutexA
CallNamedPipeW
ConvertThreadToFiber
CreateNamedPipeW
EnterCriticalSection
EnumTimeFormatsA
ExitProcess
FindResourceA
GetACP
GetCPInfo
GetCommandLineA
GetNamedPipeHandleStateW
GlobalDeleteAtom
HeapAlloc
IsProcessorFeaturePresent
LocalFlags
_ismbcprint
_ultow
_wcslwr
atan2
_finite
iswgraph
localtime
_expand
_exit
_XcptFilter
_heapchk
RtlNtStatusToDosError
RtlQueryTimeZoneInformation
RtlSetAttributesSecurityDescriptor
RtlStartRXact
RtlpNtSetValueKey
ZwFindAtom
RtlInitializeCriticalSection
RtlCompareUnicodeString
NtReplyPort
RtlNewSecurityGrantedAccess
Yzlzl
bakleqmhxsYjnk
eemQpzMMV
hpgrCbuadnim
iohiaAfawormdXcho
mywxoludr
oJilxyvscfmdjbxpcC
okyxXfZfhpLFqofEp
pbygtuUMwqaxsnnlv
rmtXsw
tBcdzqkoc
vcqptNooPjGx
vrsqD
yfyvBYdbwkl
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
EnterCriticalPolicySection
RegisterGPNotification
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
VerInstallFileW
data_size_ndr
RpcSmSwapClientAllocFree
RpcServerUseProtseqEpA
RpcServerUseAllProtseqsIf
RpcServerUnregisterIf
RpcNetworkIsProtseqValidA
MesHandleFree
CStdStubBuffer_AddRef
WinExec
WaitNamedPipeW
VirtualFree
VirtualAlloc
VerLanguageNameA
UnlockFileEx
SetVolumeMountPointW
SetUnhandledExceptionFilter
SetLastError
SetComputerNameA
OpenMutexA
CallNamedPipeW
ConvertThreadToFiber
CreateNamedPipeW
EnterCriticalSection
EnumTimeFormatsA
ExitProcess
FindResourceA
GetACP
GetCPInfo
GetCommandLineA
GetNamedPipeHandleStateW
GlobalDeleteAtom
HeapAlloc
IsProcessorFeaturePresent
LocalFlags
_ismbcprint
_ultow
_wcslwr
atan2
_finite
iswgraph
localtime
_expand
_exit
_XcptFilter
_heapchk
RtlNtStatusToDosError
RtlQueryTimeZoneInformation
RtlSetAttributesSecurityDescriptor
RtlStartRXact
RtlpNtSetValueKey
ZwFindAtom
RtlInitializeCriticalSection
RtlCompareUnicodeString
NtReplyPort
RtlNewSecurityGrantedAccess
Yzlzl
bakleqmhxsYjnk
eemQpzMMV
hpgrCbuadnim
iohiaAfawormdXcho
mywxoludr
oJilxyvscfmdjbxpcC
okyxXfZfhpLFqofEp
pbygtuUMwqaxsnnlv
rmtXsw
tBcdzqkoc
vcqptNooPjGx
vrsqD
yfyvBYdbwkl
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ