Static task: static1
Behavioral task: behavioral1
Sample: 3fc9108c673ad87096f172f0252b878e_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3fc9108c673ad87096f172f0252b878e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3fc9108c673ad87096f172f0252b878e_JaffaCakes118
Size: 3KB
MD5: 3fc9108c673ad87096f172f0252b878e
SHA1: c18d8949f0a22c6434ac8951542d6494bc856e3b
SHA256: f575f4453f40662d07284741739055d4faeed13746aaccf9b9eb150a7b2a4dc8
SHA512: 8cc1277d1998b22ab193d6013bee802311b37d30912c792cb24d9d5bea90eac15b1fd03c60347439bf8dcdfe7a13aae100eb06ed77c5b3ad394dec1a9fdffea5
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 3fc9108c673ad87096f172f0252b878e_JaffaCakes118
Files
3fc9108c673ad87096f172f0252b878e_JaffaCakes118.exe windows:4 windows x86 arch:x86
6bb70d2a73e0ee4c196cfc03550d778c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32: MessageBoxA, LoadStringA
kernel32: MultiByteToWideChar, GetEnvironmentVariableA, ExitProcess, FormatMessageA, GetLastError, SetLastError, GetProcAddress, VirtualProtect, LoadLibraryA, GetModuleHandleA, GetModuleFileNameA, GetModuleFileNameW, GetVersionExA, VirtualAlloc, GlobalAlloc, SetFilePointer, ReadFile, CreateFileA, RtlUnwind
gdi32: GetObjectA
winspool.drv: OpenPrinterA
advapi32: RegCloseKey
comctl32: ord17
oledlg: ord8
ole32: CoRevokeClassObject
oleaut32: VariantInit
Sections
.text Size: 3KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE