Static task: static1
Behavioral task: behavioral1
Sample: 3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118
Size: 39KB
MD5: 3f02c341b33c8d852b9c63e8216f019f
SHA1: 5b2bd017318a8e53908384975a86b93ffacd5f18
SHA256: df46aa873a41fa39b6561428ac952d263e9c0adf76a64fe5f1a5d297d79927f0
SHA512: 06d05fe9ea80bb1e382ee51de3447a3939cf5a21b1aaafc1add358d26be201078f1fc8d0ee55445c0137103a36765cb3bbab8b1555a2fb09d212595f54eb5ad6
SSDEEP: 768:3D9qF2QZX8DFJ35Yd5K43+LRHJxL5vlPFQxNAnQg+wxrp1TZpk:zgURB5BJHlPWxjgrrrZpk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118
Files
3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118.exe windows:4 windows x86 arch:x86
1161f2887a756ffdaf5474b78d797a5d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxA
GetKeyboardType
CreateWindowExA
kernel32
GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetACP
TlsSetValue
lstrcpyA
Sleep
oleaut32
SysFreeString
SafeArrayPtrOfIndex
advapi32
RegQueryValueExA
RegQueryValueExA
gdi32
UnrealizeObject
version
VerQueryValueA
comctl32
_TrackMouseEvent
Sections
.text Size: 24KB - Virtual size: 704KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE