Static task: static1
Behavioral task: behavioral1
  Sample: 6527f1ddc00c6863a7689a9eae369cbb_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 6527f1ddc00c6863a7689a9eae369cbb_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 6527f1ddc00c6863a7689a9eae369cbb_JaffaCakes118
Size: 1.2MB
MD5: 6527f1ddc00c6863a7689a9eae369cbb
SHA1: 4cc07852b3f37cc0cf5b1ce6f4e3b72d2021edf5
SHA256: 3fb260c73f7208c09d26061a8c0dc0168a46e692904f7325d387bfd428c999ce
SHA512: 8c9130075ecae9caf646651c894d0b9cde486245a14b898fd7f74b29ebe863133e1edb0cd4525cfe2f863040d218b7bbcf686e0519df3f999dd333962b356dde
SSDEEP: 3072:/aqWPWCzre8E3bL0hPUmVcVThVCVYMvPpOIHNkYoCUKo2qjm6:/aqWPWCzreWUmpvNkbCzVqC6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6527f1ddc00c6863a7689a9eae369cbb_JaffaCakes118
Files
6527f1ddc00c6863a7689a9eae369cbb_JaffaCakes118.exe windows:4 windows x86 arch:x86
a9e4b0e9dc5977d63dd114671c769094
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
user32
  wsprintfA
kernel32
  FindClose
  FindFirstFileA
  FindNextFileA
  GetPrivateProfileIntA
  GetPrivateProfileSectionNamesA
  GetPrivateProfileStringA
  GetVolumeInformationA
  GetWindowsDirectoryA
  LocalAlloc
  ExitProcess
  ReadFile
  CreateFileA
  Sleep
  WriteFile
  lstrcatA
  lstrcmpA
  lstrcmpiA
  lstrcpyA
  lstrcpynA
  lstrlenA
  CloseHandle
  LocalFree
  SetFilePointer
advapi32
  RegQueryValueExA
  RegCloseKey
  RegEnumKeyExA
  RegCreateKeyA
shell32
  SHGetSpecialFolderPathA
Sections
.text Size: 7KB - Virtual size: 7KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 890B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 131KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE