Static task: static1
Behavioral task: behavioral1
  Sample: 82da7339b2fdf978181550b9e1e5768b_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 82da7339b2fdf978181550b9e1e5768b_JaffaCakes118.exe
  Resource: win10v2004-20240730-en
General
  Target: 82da7339b2fdf978181550b9e1e5768b_JaffaCakes118
  Size: 216KB
  MD5: 82da7339b2fdf978181550b9e1e5768b
  SHA1: c45a0ad1852a0900da6566c3c4d99f5854267fa0
  SHA256: 0a30a179f0c603f89e94be1e11daac39abaa3afdd46a0fb1ff6c49ed656ade87
  SHA512: 22a9011983d699bfc1ff9b01f6b84c01d5922dc79b466f88827d093a90cffe7864ac5acfc0eaa78ba93df1e82243256befbb4886b25c87a103166797c0cb22d3
  SSDEEP: 6144:mZTmPxkyqizMeRMup+/iDlI0s+8lFAOIRz1RBWem:hPxIq9xIu01I9LU
Malware Config
Signatures
  Unsigned PE (1 IoC)
    Checks for missing Authenticode signature.
    resource: 82da7339b2fdf978181550b9e1e5768b_JaffaCakes118
Files
82da7339b2fdf978181550b9e1e5768b_JaffaCakes118.exe windows:4 windows x86 arch:x86
faee8285328b416fdd1e408f78a625bc
Headers
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
    IMAGE_FILE_DEBUG_STRIPPED
Imports
  kernel32
    GetModuleHandleA
    VirtualProtect
    GetProcAddress
    HeapCreate
    HeapDestroy
    HeapFree
    HeapAlloc
    RtlUnwind
    CloseHandle
    GetCurrentProcess
    ExitProcess
    LoadLibraryA
    CreateFileA
    LCMapStringA
  user32
    CreateWindowExA
    CharLowerBuffA
    CloseWindow
    wsprintfA
    SetWindowLongA
  advapi32
    RegCloseKey
    RegOpenKeyA
    RegEnumKeyA
    RegEnumValueA
    RegQueryValueA
    RegDeleteValueA
    RegSetValueA
    RegCreateKeyA
    RegDeleteKeyA
Sections
  .text Size: 160KB - Virtual size: 164KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .data Size: 8KB - Virtual size: 5KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 16KB - Virtual size: 12KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ