Static task: static1
Behavioral task: behavioral1
  Sample: 602973695188dfd957c2aeca0c9c4eca_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 602973695188dfd957c2aeca0c9c4eca_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
  Target: 602973695188dfd957c2aeca0c9c4eca_JaffaCakes118
  Size: 332KB
  MD5: 602973695188dfd957c2aeca0c9c4eca
  SHA1: 39dc11cb20ec273263e21c31e6ce486775879b67
  SHA256: 4260790b1f87c6d0a7c77bef42dafdb9e8b3970afde26b9bc84930c616720a0a
  SHA512: 7ea37dc67180fe79a03cccb63fa429d38e6f382039e8ef0c0f64b31e7d32335c3401266e058c3874005845e844ceff7d048557b7c16f7a1ba54a226661e78ec3
  SSDEEP: 6144:7Wb76gszE0gtjbaPlty+hZ48XQJG8+isBquL2dwOiFQfufjs+9ohEroXhet3Jug:7O7qE01PmraQIkhm2dwbQf2rodXh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 602973695188dfd957c2aeca0c9c4eca_JaffaCakes118
Files
602973695188dfd957c2aeca0c9c4eca_JaffaCakes118.exe windows:5 windows x86 arch:x86
465d89c0783224926d86dcb38dec6b13
Headers
  DLL Characteristics
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    LoadLibraryA
    GetProcAddress
    VirtualAlloc
    VirtualFree
  advapi32
    RegSetValueW
  browseui
    ord118
  gdi32
    GetStockObject
  msvcrt
    _itow
  ntdll
    RtlNtStatusToDosError
  ole32
    CoFreeUnusedLibraries
  oleaut32
    SysAllocString
  shdocvw
    ord110
  shell32
    ord182
  shlwapi
    StrCpyNW
  user32
    TileWindows
  uxtheme
    GetThemeBackgroundContentRect
Sections
  .text Size: 286KB - Virtual size: 1016KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 45KB - Virtual size: 48KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE