C:\Documents and Settings\Administrator\Desktop\SetReg\Debug\setreg.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 709e6924c2a02282fef00663bd1f7ad8_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 709e6924c2a02282fef00663bd1f7ad8_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 709e6924c2a02282fef00663bd1f7ad8_JaffaCakes118
Size: 142KB
MD5: 709e6924c2a02282fef00663bd1f7ad8
SHA1: 35e68164c361e05be45f2b5fd133680c9f603c8c
SHA256: 604a974c12832f7aae6f2714f01642d80a72e0e11015ea2f77400a165f96c86f
SHA512: 941fc46a9e5aef9f92dc724b0bc9e1119c94ded41cf2d2d3c279a06e3a458db1654ecb6a6caddce38a044f01a5adc77fb83dac9765b9ba7373753990c0588b40
SSDEEP: 1536:K/Hr4IcztW6VWZKCkNQfUDa2gA/d/TX0OlkXDsVYnGiOhZoYZYT:K/Hr4IcpW60ZKC6zD9gAlbjlvQGhYT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 709e6924c2a02282fef00663bd1f7ad8_JaffaCakes118
Files
709e6924c2a02282fef00663bd1f7ad8_JaffaCakes118.exe windows:4 windows x64 arch:x64
46c3fd43fa97f94674a6282d5f4a227b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
CompareStringA
CompareStringW
GetSystemDirectoryA
GetWindowsDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapSetInformation
HeapCreate
HeapDestroy
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
Sleep
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LoadLibraryA
InitializeCriticalSection
HeapReAlloc
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetLocaleInfoW
SetEnvironmentVariableA
CopyFileA
user32
MessageBoxA
advapi32
RegCreateKeyExA
RegSetValueExA
RegCloseKey
Sections
.text Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE