Static task: static1
Behavioral task: behavioral1
Sample: 5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118
Size: 58KB
MD5: 5d1cc655b4f81ac839a9f6ba3e8e5923
SHA1: 5e63bce12a0e7c74a34c6fcfbd915021fd3a5e4c
SHA256: 76b2de19c4eeec0707ec06c2dbf1f6c0472b03a328e50e9a60255fb535442a19
SHA512: 21f5a9f486ebc0e90bc92fc4f353e18033e7175865e3c7fe909b6082b369aae619743d43ad7c55a8c173c60ed9d20e5985a2bd735fe677b9b9d76422443586dc
SSDEEP: 768:8qoiq85I2g9lxJEVYRPbch4LI9kp80FLlXirbpz4NlnUW2l71qaE1irEviqszlJ6:zoiGVxJEajukpfXinAn2EYRHQ3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118
Files
5d1cc655b4f81ac839a9f6ba3e8e5923_JaffaCakes118.exe windows:4 windows x86 arch:x86
2bed3b575b122ce7042753fe75b3b7d0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
SetEnvironmentVariableW
SetEnvironmentVariableA
WideCharToMultiByte
UnmapViewOfFile
lstrcpynW
GetFullPathNameW
GetFullPathNameA
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
GetEnvironmentVariableW
CreateFileA
GetEnvironmentVariableA
GetVersion
user32
MessageBoxA
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.res Size: 49KB - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE