Static task
static1
Behavioral task
behavioral1
Sample
75cb3795959363406e05b70c8c42cd3c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
75cb3795959363406e05b70c8c42cd3c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
75cb3795959363406e05b70c8c42cd3c_JaffaCakes118
Size
368KB
MD5
75cb3795959363406e05b70c8c42cd3c
SHA1
6f55d0a0a94d8d682d075713ccee0cd0820da1a6
SHA256
655577a00585a2470841b516f1f2a0b279f62c7eafd6f74414c980b12c3693d5
SHA512
939beb2546367851cb82603a1b6d7749e33a7dc751e18a672e64303a91578f1b203eca76dd578b80e851834ea8f1d35cece9ba60cab12ccfb9c5ad15974aa4d1
SSDEEP
6144:2ryqDqy4EcGfhdgNuRq8WzN1oa9FAdt9cyS41kpoTAyXgDwb:2XF4yfhdgNLN1oLW541keTAyX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 75cb3795959363406e05b70c8c42cd3c_JaffaCakes118
Files
75cb3795959363406e05b70c8c42cd3c_JaffaCakes118.exe windows:4 windows x86 arch:x86
b4a5da0f9e4b944c9d35fcd2fe9df92d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedIncrement
ExitProcess
SetEndOfFile
FindResourceW
InitializeCriticalSection
LCMapStringA
TerminateProcess
LocalFree
GetOEMCP
GetModuleHandleW
GetStringTypeW
GlobalLock
GetACP
CompareStringA
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
WideCharToMultiByte
GetModuleHandleA
CreateMutexA
GetCurrentThread
InterlockedCompareExchange
WaitForMultipleObjects
GetCommandLineA
FreeEnvironmentStringsW
HeapSize
MultiByteToWideChar
CreateThread
GetCurrentProcessId
LoadLibraryA
GetVersionExA
HeapAlloc
IsDebuggerPresent
QueryPerformanceCounter
SetEvent
WaitForSingleObject
EnterCriticalSection
GetCurrentThreadId
GetTickCount
GetVersion
GetLastError
lstrlenA
VirtualAlloc
GetStartupInfoA
GetProcAddress
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InterlockedDecrement
LeaveCriticalSection
FatalAppExitA
GetCPInfo
HeapReAlloc
IsBadWritePtr
SetConsoleCtrlHandler
GetStringTypeA
Sleep
LCMapStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
user32
LoadCursorA
PeekMessageA
GetWindowRect
SetWindowPos
ShowWindow
PostQuitMessage
GetFocus
Sections
.text Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 308KB - Virtual size: 306KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE