Static task
static1
Behavioral task
behavioral1
Sample
3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118
Size
172KB
MD5
3a27a9e21ffad0c81b9423908abfee7d
SHA1
bb27389f2b16188f78d8ea0626000ca4b0b9edca
SHA256
09e74f5599f70935fd4e8b159dc29a4383d789ef866b4c6b0566fb23698d3f13
SHA512
b8b00ac94a83e7cda29cb1fbb1f6d514e1ad472ed0b4e91aad72a8fd1ecbdec50c4b6f3eee4680ddcad0c61cc155615d091acb128bd83a803b28c453c6eed9b9
SSDEEP
3072:Lal7c1kbn/yfuDNTGVP85bNDN0LTzWra6/NaZY/XX8iSat82MG6QyE8+AqmUFIrb:y7CqymD8VPk5OnH6UZKXKjpPK2J
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118
Files
3a27a9e21ffad0c81b9423908abfee7d_JaffaCakes118.exe windows:4 windows x86 arch:x86
bafd380e9ce02197d15aa07ecda951ad
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
ExitProcess
LoadLibraryA
GetCurrentProcess
CreateFileA
LCMapStringA
user32
CreateWindowExA
wsprintfA
SetWindowLongA
CharLowerBuffA
CloseWindow
advapi32
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegQueryValueA
Sections
.text Size: 147KB - Virtual size: 148KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ