Static task
static1
Behavioral task
behavioral1
Sample
8cf40da3f45041aee570c063eba474f9_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8cf40da3f45041aee570c063eba474f9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
8cf40da3f45041aee570c063eba474f9_JaffaCakes118
-
Size
46KB
-
MD5
8cf40da3f45041aee570c063eba474f9
-
SHA1
e8915a26c864144223a6e618e590edd5eed8860c
-
SHA256
08856acf98a5543e490df8091607b08fbc6d134a0ba86b459a150204740a70ed
-
SHA512
aeb5cf064bad8f37c39c36767adb18c8d3cbf39810bc1f3ab434212b1af1077052b3f4248b9acffb853c9d8b75ad29025117de045ad7f1eea23c7fb666d90857
-
SSDEEP
768:2wCDiYqBCwANALxN8U5Wclco4uOriUGY+cXQXVzBq3Sk+aYRZW5rfUUIq:2wciYKCvALyImri5cXOVzBUSk+aYvqU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8cf40da3f45041aee570c063eba474f9_JaffaCakes118
Files
-
8cf40da3f45041aee570c063eba474f9_JaffaCakes118.exe windows:5 windows x86 arch:x86
7d56c99ba9212484f0912e0c046c1b07
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueA
RegQueryValueExA
CryptReleaseContext
CryptGetHashParam
DuplicateTokenEx
RegCloseKey
CryptCreateHash
shlwapi
wvnsprintfA
PathFileExistsW
StrStrW
PathCombineW
wnsprintfW
SHDeleteKeyA
PathMatchSpecW
wvnsprintfW
StrCmpNIA
wnsprintfA
PathRemoveFileSpecW
StrCmpNIW
PathFindFileNameW
Sections
.lyp Size: 36KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ulur Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qfoneb Size: 5KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ