Static task
static1
Behavioral task
behavioral1
Sample
711780b955cb138c81529997c7deea3e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
711780b955cb138c81529997c7deea3e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
711780b955cb138c81529997c7deea3e_JaffaCakes118
Size
179KB
MD5
711780b955cb138c81529997c7deea3e
SHA1
ce6a5ac0cdb6249131d0827f2199f83277337386
SHA256
bbb301c356e6c27d6c4b00d40b6f1febbf4e1b1134fc31b4b94e1cf42817050c
SHA512
b15aab29450da6b86b26e9b2b81e2c3048280c8ac465c97bed769e3a7e3efe0018b1fb037553f4a8855790072d18711d98117b3e15267512cff25c19cb13e309
SSDEEP
3072:DGioAGy/y3mdMVtNFMtbHL7hnm4uKkHmsRZdKPeH8w6YA7asbRDtB1o19:DGVyVuzwtbH9m4tTscq6YYrbnB1o
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 711780b955cb138c81529997c7deea3e_JaffaCakes118
Files
711780b955cb138c81529997c7deea3e_JaffaCakes118.exe windows:4 windows x86 arch:x86
3e678bd860304c63cb7cb82ba2443704
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionA
user32
DestroyWindow
CreateDialogParamA
UnregisterClassA
IsDialogMessageA
SetWindowLongA
GetDialogBaseUnits
SendMessageA
GetDlgItemTextA
WinHelpA
EnableWindow
ShowWindow
IsDlgButtonChecked
MoveWindow
IsWindow
GetDC
SetDlgItemTextA
ReleaseDC
CheckDlgButton
GetDlgItem
CharNextA
gdi32
SelectObject
GetDeviceCaps
GetTextExtentPointA
DeleteObject
GetTextMetricsA
CreateFontIndirectA
ole32
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc
advapi32
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
kernel32
FreeEnvironmentStringsW
GetProcAddress
InterlockedIncrement
FlushInstructionCache
GetThreadLocale
VirtualAlloc
VirtualProtect
lstrlenW
TlsSetValue
WideCharToMultiByte
DeleteCriticalSection
SetHandleInformation
GetFileType
TlsFree
GetACP
MulDiv
FlushFileBuffers
UnhandledExceptionFilter
TransmitCommChar
IsBadCodePtr
RtlUnwind
HeapReAlloc
VirtualQuery
GetCurrentThreadId
IsBadWritePtr
IsDBCSLeadByte
CloseHandle
LCMapStringA
WriteFile
FreeLibrary
SetFilePointer
SetUnhandledExceptionFilter
LockResource
lstrcpyA
FindResourceA
GetSystemInfo
GetCPInfo
TerminateProcess
MultiByteToWideChar
GetTickCount
GetCurrentProcessId
lstrcpynA
GetProcessHeap
QueryPerformanceCounter
EnumResourceNamesW
VirtualFree
TlsGetValue
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetStartupInfoA
SetLastError
GetStringTypeW
GetLastError
InitializeCriticalSection
LCMapStringW
GetOEMCP
GetModuleHandleA
LoadLibraryA
TlsAlloc
ExitProcess
GetCommandLineA
InterlockedDecrement
GetCurrentProcess
RaiseException
EnterCriticalSection
GetModuleFileNameA
GetVersionExA
LeaveCriticalSection
SetStdHandle
LoadLibraryExA
GetStringTypeA
GetLocaleInfoA
SizeofResource
HeapCreate
GetEnvironmentStrings
HeapAlloc
DisableThreadLibraryCalls
LoadResource
ExitProcess
InterlockedExchange
lstrlenA
lstrcatA
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
IsBadReadPtr
HeapDestroy
lstrcmpiA
HeapSize
HeapFree
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 153KB - Virtual size: 153KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 340KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ