EfS_Agz
Static task
static1
Behavioral task
behavioral1
Sample
6f9ea5d402f59149c75c859d03cc290a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6f9ea5d402f59149c75c859d03cc290a_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
6f9ea5d402f59149c75c859d03cc290a_JaffaCakes118
-
Size
65KB
-
MD5
6f9ea5d402f59149c75c859d03cc290a
-
SHA1
3cd7f2138f04090f1d975761b835f0c74907fdbe
-
SHA256
160db6d07b2bc33b0d90878ae2659b8a008c90fe77fd4360f83302e8edd94c13
-
SHA512
c5bdc4b5be66efc8e8cd4ddc598b6baee67fae33680fb602b48fa6a2010efb43f0dd6ab2cf5b9b386f8a5d85c7adb97b6091c03460995ea02a102b0087046840
-
SSDEEP
1536:+/wDXj2B37Aga1B4stPcLCOYMlxZH6V4FU7:ZDz2dW1Btmh6V4e7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6f9ea5d402f59149c75c859d03cc290a_JaffaCakes118
Files
-
6f9ea5d402f59149c75c859d03cc290a_JaffaCakes118.exe windows:4 windows x86 arch:x86
c6f16b149652b47c9a679fa0afa3bb55
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetBitmapBits
SetBkColor
CreateBrushIndirect
GetClipBox
user32
SetScrollInfo
TranslateMDISysAccel
SetMenuItemInfoA
SetParent
DrawIconEx
CloseClipboard
IsDialogMessageA
PostQuitMessage
LoadKeyboardLayoutA
BeginPaint
MessageBeep
GetClassNameA
GetClassInfoA
OffsetRect
CallNextHookEx
GetScrollRange
SetWindowPos
SetActiveWindow
GetWindowPlacement
IsZoomed
CreateMenu
SetCapture
GetClassLongA
DispatchMessageA
CharNextA
SetScrollPos
InflateRect
RemovePropA
GetScrollPos
GetClipboardData
SetRect
GetKeyboardLayoutList
SetCursor
DestroyIcon
DeleteMenu
ActivateKeyboardLayout
RedrawWindow
CreatePopupMenu
EnumChildWindows
GetFocus
GetMenu
OpenIcon
GetWindowLongA
MsgWaitForMultipleObjects
GetKeyboardState
EnumThreadWindows
CharUpperA
GetDlgItem
DefFrameProcA
IsWindowEnabled
GetSubMenu
SetWindowPlacement
LoadIconA
SetWindowLongW
GetWindow
GetWindowTextA
WaitMessage
GetWindowTextLengthA
DispatchMessageW
SetWindowTextA
ScreenToClient
GetMenuItemInfoA
kernel32
FreeResource
GetCurrentProcessId
GetCommandLineA
lstrcmpA
GetCurrentThreadId
GetEnvironmentStrings
IsBadReadPtr
VirtualAlloc
Sleep
FreeLibrary
LocalAlloc
lstrcpynA
lstrlenW
InitializeCriticalSection
GetModuleHandleW
LoadLibraryA
HeapAlloc
GetCurrentProcess
GetFileSize
DeleteFileA
ResetEvent
GetCommandLineW
LocalFree
WriteFile
GlobalDeleteAtom
GetLastError
GetVersionExA
FindResourceA
GetModuleFileNameA
CreateThread
WaitForSingleObject
SetHandleCount
GetProcessHeap
FormatMessageA
FindClose
SetThreadLocale
MoveFileA
GetStartupInfoA
LocalReAlloc
GetDiskFreeSpaceA
FindFirstFileA
VirtualFree
VirtualAllocEx
CompareStringA
GetModuleHandleA
LockResource
DeleteCriticalSection
EnterCriticalSection
SetErrorMode
GetStdHandle
RaiseException
GetOEMCP
lstrcatA
GlobalAlloc
SetFilePointer
SizeofResource
GetACP
CloseHandle
lstrcmpiA
GetStringTypeW
MoveFileExA
GetFullPathNameA
GetFileType
lstrlenA
GlobalFindAtomA
ole32
OleRegGetUserType
StringFromIID
CoReleaseMarshalData
PropVariantClear
OleRun
CoFreeUnusedLibraries
Exports
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ