Static task
static1
Behavioral task
behavioral1
Sample
76d6c1c184a2d657f044877c975fb6c3_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
76d6c1c184a2d657f044877c975fb6c3_JaffaCakes118.exe
Resource
win10v2004-20240729-en
General
-
Target
76d6c1c184a2d657f044877c975fb6c3_JaffaCakes118
-
Size
110KB
-
MD5
76d6c1c184a2d657f044877c975fb6c3
-
SHA1
f34cf0361b73442ef633401ea7f0d609c76f6d44
-
SHA256
1be8d71a507cea9c952beed194f712758a83f060da5ad4e7367a8ce004f1d259
-
SHA512
78bd26d01251c019c8eb5a18ca114097cac2f9ecff9569950042a6213ce6692be7be2652858608676a370968b78e8f51bbb8187dd14ddd044805710f90b1c26b
-
SSDEEP
1536:lVaNLdG5boLKWgOuJZ6FdAH0CBP5vrhD11m4qUwIs93i65qE9MT1jk:nanG5bBOuj6OT1RqUiMT1jk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 76d6c1c184a2d657f044877c975fb6c3_JaffaCakes118
Files
-
76d6c1c184a2d657f044877c975fb6c3_JaffaCakes118.exe windows:4 windows x86 arch:x86
7bbfde9a4b4ec196b4c8d1c8ee7484e5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateSolidBrush
SetTextColor
RectVisible
SelectObject
LineTo
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
SaveDC
SetStretchBltMode
GetDeviceCaps
SetMapMode
GetClipBox
CreatePalette
GetTextMetricsA
RestoreDC
SetTextAlign
SelectPalette
DeleteObject
GetPixel
user32
TranslateMessage
GetParent
GetDesktopWindow
GetSystemMetrics
GetDC
CharNextA
kernel32
lstrcmpiW
GlobalFindAtomA
GetSystemTime
VirtualAlloc
RemoveDirectoryA
lstrlenA
GetModuleHandleA
QueryPerformanceCounter
VirtualFree
lstrcmpA
GetWindowsDirectoryA
lstrcmpiA
lstrlenW
DeleteFileA
RemoveDirectoryW
FindClose
GetCommandLineA
CopyFileA
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ