Static task
static1
Behavioral task
behavioral1
Sample
700c18d9055d00982e8bbf8545e2e0b0_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
700c18d9055d00982e8bbf8545e2e0b0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
700c18d9055d00982e8bbf8545e2e0b0_JaffaCakes118
Size
285KB
MD5
700c18d9055d00982e8bbf8545e2e0b0
SHA1
86c03d6d57e93d2b2f138bb058f0c1506fe56caf
SHA256
d3c7ab362c024dd019ea9cfb2866c82e4cdcab5548fe1a6e521a6b5c5460c6b0
SHA512
2f0a80f6f4fe5fb8aaa7c2d55625cc3256292d33e8b951d5ae223b0583c5714cd1bf5d5929ffa009f8d9551edf2c5aefa5ad332ec9f734a37a3609a3de4bf958
SSDEEP
6144:ZNv6ndEzMYZ6WXSIYUjbqCzUOjEJTU5dG:ZNv6nd1YZDS/PKQUTG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 700c18d9055d00982e8bbf8545e2e0b0_JaffaCakes118
Files
700c18d9055d00982e8bbf8545e2e0b0_JaffaCakes118.exe windows:4 windows x86 arch:x86
a66312d455ab356276977a73eb969b86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
GetCurrentProcess
ExitProcess
CloseHandle
CreateFileA
LCMapStringA
user32
CloseWindow
CharLowerBuffA
CreateWindowExA
wsprintfA
SetWindowLongA
advapi32
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA
Sections
.text Size: 169KB - Virtual size: 172KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ