Static task
static1
Behavioral task
behavioral1
Sample
8278f7bed29f67870685c1c60db3c991_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
8278f7bed29f67870685c1c60db3c991_JaffaCakes118.exe
Resource
win10v2004-20240730-en
General
-
Target
8278f7bed29f67870685c1c60db3c991_JaffaCakes118
-
Size
847KB
-
MD5
8278f7bed29f67870685c1c60db3c991
-
SHA1
d5c8c964af697960f0ac1915ea4223477e8db233
-
SHA256
d9401514dcd0e15f10605d453acb5912267f3f187459b8b409035ddef1d49c86
-
SHA512
5d915080de8b1f61f7336d8b0991c1fcf4ff12283c045f716a9e24bb2dc2e485b9fe29e765780f091578e90e691bfddf3b983752ec415fc5aa34620f51a78a5b
-
SSDEEP
24576:B5OnutaKdOlaaMCLiUrn7IB7yp4r/jScdFx7:7OnutFaMCT723ru2J
Malware Config
Signatures
-
Unsigned PE 1 IoCs
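Checks for a missing Authenticode signature. An unsigned PE is a low-confidence indicator on its own, since much legitimate software is also unsigned; weigh it together with the import and section findings listed under Files.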
resource 8278f7bed29f67870685c1c60db3c991_JaffaCakes118
Files
-
8278f7bed29f67870685c1c60db3c991_JaffaCakes118.exe windows:5 windows x86 arch:x86
017070c4a6487ace28c1adf29552e53e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
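Imports
Analyst note: the table below mixes rarely used or undocumented kernel32 exports with C++ exports from ifsutil and untfs and with functions from rastapi and pdh. An unrelated set like this is often import padding added by a packer or crypter, so it may not reflect what the sample actually does. Confirm any capability suggested by these names (volume formatting, dial-up ports, performance counters) against the behavioral tasks before relying on it.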
kernel32
GetModuleHandleA
LoadLibraryA
TlsGetValue
GetConsoleInputWaitHandle
GetConsoleCharType
GetCurrentThreadId
VirtualAlloc
OutputDebugStringA
VirtualFreeEx
UpdateResourceA
LZCloseFile
GetProcessHeaps
VirtualQueryEx
OpenProfileUserMapping
OpenConsoleW
GetConsoleAliasesA
GetNumberOfConsoleFonts
GetCompressedFileSizeA
FindNextFileW
ifsutil
?QueryDriveName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?GetMessageW@SUPERAREA@@QAEPAVMESSAGE@@XZ
?QueryMediaByte@DP_DRIVE@@QBEEXZ
??0SUPERAREA@@IAE@XZ
??0DIGRAPH@@QAE@XZ
??1CANNED_SECURITY@@UAE@XZ
??1SUPERAREA@@UAE@XZ
??1INTSTACK@@UAE@XZ
??0INTSTACK@@QAE@XZ
?GetDrive@SUPERAREA@@QAEPAVIO_DP_DRIVE@@XZ
?QueryAutochkTimeOut@VOL_LIODPDRV@@SGEPAK@Z
?DeleteEntry@AUTOREG@@SGEPBVWSTRING@@E@Z
?QueryRecommendedMediaType@DP_DRIVE@@QBE?AW4_MEDIA_TYPE@@XZ
?Lock@IO_DP_DRIVE@@QAEEXZ
?QueryCompressedInteger@BIG_INT@@QBEXPAE0@Z
??0READ_CACHE@@QAE@XZ
?EnableVolumeCompression@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?SendSonyMSRequestSenseCmd@DP_DRIVE@@QAEEPAU_SENSE_DATA@@@Z
?QueryNtfsTime@IFS_SYSTEM@@SGXPAT_LARGE_INTEGER@@@Z
?QueryContainingRange@NUMBER_SET@@QBEEVBIG_INT@@PAV2@1@Z
?IsATformat@DP_DRIVE@@QBEEXZ
?SetCache@IO_DP_DRIVE@@QAEXPAVDRIVE_CACHE@@@Z
?DoesIntersectSet@NUMBER_SET@@QBEEVBIG_INT@@0@Z
rastapi
EnableDeviceForDialIn
AddPorts
PortGetPortState
GetZeroDeviceInfo
PortOpen
PortReceive
PortGetInfo
DeviceListen
DeviceDone
PortGetStatistics
PortSetFraming
UnloadRastapiDll
PortClose
SetCommSettings
DeviceEnum
PortInit
DeviceGetDevConfig
PortDisconnect
pdh
PdhGetLogFileSize
PdhVbOpenQuery
PdhVbCreateCounterPathList
PdhSetLogSetRunID
PdhCollectQueryDataEx
PdhSetQueryTimeRange
PdhRelogA
PdhMakeCounterPathA
PdhGetDefaultPerfCounterW
PdhGetCounterInfoA
PdhBrowseCountersHW
PdhVerifySQLDBW
PdhConnectMachineW
PdhVbGetCounterPathElements
PdhExpandWildCardPathHA
PdhGetCounterInfoW
PdhEnumObjectsHA
PdhValidatePathA
PdhRelogW
PdhOpenQuery
PdhCloseQuery
PdhEnumLogSetNamesW
PdhGetDefaultPerfObjectHA
PdhGetDllVersion
PdhGetLogFileTypeW
untfs
Extend
?Initialize@NTFS_CLUSTER_RUN@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@VBIG_INT@@KK@Z
??0NTFS_UPCASE_FILE@@QAE@XZ
?QueryAttributeListAttribute@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVNTFS_ATTRIBUTE@@PAE@Z
?QueryNumberOfExtents@NTFS_EXTENT_LIST@@QBEKXZ
?Write@NTFS_BITMAP@@QAEEPAVNTFS_ATTRIBUTE@@PAV1@@Z
?CopyIterator@NTFS_INDEX_TREE@@QAEEPAV1@@Z
?QueryVolumeFlagsAndLabel@NTFS_SA@@QAEGPAE00PAVWSTRING@@@Z
??1NTFS_REFLECTED_MASTER_FILE_TABLE@@UAE@XZ
??1NTFS_FILE_RECORD_SEGMENT@@UAE@XZ
FormatEx
??0NTFS_EXTENT_LIST@@QAE@XZ
?QueryDefaultClustersPerIndexBuffer@NTFS_SA@@SGKPBVDP_DRIVE@@K@Z
?Initialize@NTFS_EXTENT_LIST@@QAEEVBIG_INT@@0@Z
?IsDosName@NTFS_SA@@SGEPBU_FILE_NAME@@@Z
?Initialize@NTFS_ATTRIBUTE_RECORD@@QAEEPAVIO_DP_DRIVE@@PAX@Z
?QuerySegmentReference@NTFS_MFT_INFO@@SG?AU_MFT_SEGMENT_REFERENCE@@PAX@Z
?Save@NTFS_INDEX_TREE@@QAEEPAVNTFS_FILE_RECORD_SEGMENT@@@Z
?IsAllocated@NTFS_BITMAP@@QBEEVBIG_INT@@0@Z
??0NTFS_FRS_STRUCTURE@@QAE@XZ
??1NTFS_BITMAP@@UAE@XZ
??1NTFS_BOOT_FILE@@UAE@XZ
?Read@NTFS_ATTRIBUTE@@QAEEPAXVBIG_INT@@KPAK@Z
??0NTFS_UPCASE_TABLE@@QAE@XZ
??1NTFS_ATTRIBUTE@@UAE@XZ
Sections
.text Size: 467KB - Virtual size: 466KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 372KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 452B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ