c:\dev\themipsfactory\native_client_trunk_bis\native_client\build\Release\sel_ldr.pdb
Static task: static1
Behavioral task: behavioral1 - Sample: 41d3e9056c9e9867852f4ebb5e4acefd_JaffaCakes118.exe - Resource: win7-20240704-en
Behavioral task: behavioral2 - Sample: 41d3e9056c9e9867852f4ebb5e4acefd_JaffaCakes118.exe - Resource: win10v2004-20240709-en
General
Target: 41d3e9056c9e9867852f4ebb5e4acefd_JaffaCakes118
Size: 399KB
MD5: 41d3e9056c9e9867852f4ebb5e4acefd
SHA1: 57ab63d5f0f195a7f6a813be90adf669f45b7688
SHA256: d28751afe07ae4c281319afb28f9e263fbd472f2386845af0436d5889b90a4bd
SHA512: 293212aa0d5d98adfc8f25a76c07d049ec0c2d0794cb6d5a3931cb18f289148c3cdb066eb766aff1b3e9c72fbbb8c28c76223ffbfae93d361b470a3cc77a5ca9
SSDEEP: 6144:Jv0IQgMVs6DfVWsf3ACAWYCv+cBfVPrbb7XHkYm7DTE+g:dIvnDfVzNAqvN1b/XHKDT
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: 41d3e9056c9e9867852f4ebb5e4acefd_JaffaCakes118
Files
-
41d3e9056c9e9867852f4ebb5e4acefd_JaffaCakes118.exe windows:5 windows x86 arch:x86
300bcbf0d6b3b9f5517ee4ef0f7b8426
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: c:\dev\themipsfactory\native_client_trunk_bis\native_client\build\Release\sel_ldr.pdb
Imports
winmm
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
timeGetTime
kernel32
ExitThread
ReleaseSemaphore
WaitForMultipleObjects
CreateSemaphoreW
GetNamedPipeHandleStateW
VirtualFree
VirtualAlloc
ReadFile
WriteFile
GetLastError
GetNativeSystemInfo
GetVersionExW
UnmapViewOfFile
CloseHandle
MapViewOfFileEx
CreateFileMappingW
FindFirstFileW
FindNextFileW
FindClose
TerminateThread
TlsAlloc
TlsSetValue
TlsGetValue
GetCurrentThreadId
GetSystemTime
CreateEventW
SetEvent
WaitForSingleObject
Sleep
GetSystemTimeAsFileTime
SystemTimeToFileTime
InterlockedCompareExchange
QueryPerformanceCounter
QueryPerformanceFrequency
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
CreateMutexW
ReleaseMutex
GetProcAddress
GetModuleHandleA
GetThreadSelectorEntry
GetCurrentThread
SetThreadPriority
SwitchToThread
GetSystemInfo
VirtualProtect
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
ExitProcess
DuplicateHandle
GetCurrentProcess
HeapAlloc
GetCommandLineA
HeapFree
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcessId
CreateFileA
MultiByteToWideChar
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointer
GetDriveTypeA
FindFirstFileA
ResetEvent
CreateThread
TerminateProcess
IsDebuggerPresent
HeapReAlloc
FlushFileBuffers
DeleteCriticalSection
FatalAppExitA
SetHandleCount
GetStdHandle
GetStartupInfoA
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleFileNameA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
SetEndOfFile
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
RaiseException
GetTimeZoneInformation
HeapSize
GetLocaleInfoW
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InterlockedExchangeAdd
FormatMessageA
CreateNamedPipeA
ConnectNamedPipe
OpenProcess
WaitNamedPipeA
DisconnectNamedPipe
SetNamedPipeHandleState
Sections
.text   Size: 278KB  Virtual size: 277KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 100KB  Virtual size: 100KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 6KB    Virtual size: 110KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 512B   Virtual size: 436B   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 13KB   Virtual size: 13KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
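The "Unsigned PE" signature and the Headers/Sections listing above are all answered from the PE headers alone. The Python below is an added example, not part of this report or of the sample's own code: a minimal header parser (no pefile dependency) that reads DllCharacteristics, the section table and data directory 4 (the Authenticode certificate table), and a builder that produces a headers-only image mirroring this report's flags and section table as constructed test input. Two things the report shows are worth checking mechanically: the DllCharacteristics list NX_COMPAT but not DYNAMIC_BASE, so the image does not opt into ASLR, and the .data section maps 110KB of virtual size from 6KB of raw data. Reading the `windows:5` tag as the optional header's MajorOperatingSystemVersion is an assumption.

```python
import struct

# Flag values from the PE/COFF specification.
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE = 0x02000000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table


def parse_pe(data):
    """Read the DOS, COFF and optional headers plus the section table of a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: data directories start at offset 96
        datadir = opt + 96
    elif magic == 0x20B:    # PE32+: 64-bit stack/heap fields push them to 112
        datadir = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    major_os = struct.unpack_from("<H", data, opt + 40)[0]   # MajorOperatingSystemVersion
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, datadir - 4)[0]   # NumberOfRvaAndSizes
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, the security entry holds a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, datadir + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"machine": machine, "major_os_version": major_os, "dll_characteristics": dll_chars,
            "security_offset": sec_off, "security_size": sec_size, "sections": sections}


def assess(data):
    """The header-level checks a triage report answers; a present signature is not a valid one."""
    pe = parse_pe(data)
    rwx = [s["name"] for s in pe["sections"]
           if s["flags"] & IMAGE_SCN_MEM_WRITE and s["flags"] & IMAGE_SCN_MEM_EXECUTE]
    # A section whose VirtualSize dwarfs its raw size maps a large zero-filled region
    # (uninitialised globals, or space filled at run time) that deserves a closer look.
    inflated = [s["name"] for s in pe["sections"] if s["virtual_size"] > 4 * max(s["raw_size"], 1)]
    return {"authenticode_present": pe["security_size"] != 0,
            "nx_compat": bool(pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
            "aslr_opt_in": bool(pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
            "rwx_sections": rwx, "inflated_sections": inflated,
            "major_os_version": pe["major_os_version"]}


def build_pe(dll_characteristics, sections, signature_size=0):
    """Headers-only PE32 image for testing: constructed input, not the sample above."""
    e_lfanew, opt_size = 0x40, 96 + 16 * 8
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<H", opt, 40, 5)                    # MajorOperatingSystemVersion 5
    struct.pack_into("<H", opt, 70, dll_characteristics)
    struct.pack_into("<I", opt, 92, 16)                   # NumberOfRvaAndSizes
    if signature_size:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x2000, signature_size)
    table = b"".join(struct.pack("<8sIIIIIIHHI", name.encode("ascii"), vsize, 0x1000 * (i + 1),
                                 rawsize, 0, 0, 0, 0, 0, flags)
                     for i, (name, vsize, rawsize, flags) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + table


# Constructed image mirroring the flags and section table reported above.
SAMPLE_FLAGS = IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SAMPLE_SECTIONS = [  # (name, virtual size, raw size, characteristics)
    (".text", 277 * 1024, 278 * 1024, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".rdata", 100 * 1024, 100 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data", 110 * 1024, 6 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc", 436, 512, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".reloc", 13 * 1024, 13 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ),
]
SAMPLE_IMAGE = build_pe(SAMPLE_FLAGS, SAMPLE_SECTIONS)

if __name__ == "__main__":
    for key, value in assess(SAMPLE_IMAGE).items():
        print(f"{key}: {value}")
```

Run it against the real file with `assess(open(path, "rb").read())`. An empty security directory is exactly what the "Unsigned PE" signature fires on; a non-empty one only says a certificate table exists, so a positive result still needs chain and hash verification (for example `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`) before it counts for anything.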