Static task: static1
Behavioral task: behavioral1
Sample: 83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118
Size: 1.4MB
MD5: 83e7145fa27adb0a7d7e55c27ef82391
SHA1: 274270bc47f28ec248c77f1bc63f97635181885c
SHA256: 2516cd348d6c2e2a0f410c93d545bf74470bc74d6c13864b4062a7e0faa97a5f
SHA512: 2883704688a199e71de192aac8ab5fa67655ef45a385444f509640a78fe97e28f3c39ebc96b4d8b43d0d897747d3e6d1ea49000ef296466bba4faafd7cc225fd
SSDEEP: 24576:mLGNAh3bv2SiMAXrEv0GkyEmNfCthvTdjDiJYsEJ1mvUJE+w3dBMXNMbx:mGmoMAXpyE2fwf9B1UUJEaMb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118
Files
83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118.exe windows:4 windows x86 arch:x86
de05e50457947113ed1d58395d05e625
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
user32: EndDialog
gdi32: BitBlt
comdlg32: GetFileTitleA
winspool.drv: ClosePrinter
advapi32: RegSetValueExA
shell32: ShellExecuteA
comctl32: ord17
shlwapi: PathIsUNCA
oleaut32: VariantChangeType
ws2_32: ntohl
Sections
.text Size: 1.3MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
����A Size: 91KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE