Static task: static1
Behavioral task: behavioral1
Sample: 8ddc1035ead2c7a7b7acf5ace170a6d9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 8ddc1035ead2c7a7b7acf5ace170a6d9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8ddc1035ead2c7a7b7acf5ace170a6d9_JaffaCakes118
Size: 64KB
MD5: 8ddc1035ead2c7a7b7acf5ace170a6d9
SHA1: d592b853623def6d3f2bb55cd7feb121555874ee
SHA256: 595a5631d627b45b28b6028745140e43401a803ba3922449c1b0542f827ecf33
SHA512: ac7081302f686b7911aab36e188900c6732bcc54d2bf352684c4733b8ee88b4b4edf42cc073896afc4d75f8192f50c58bc5769dc4ab84a55a83cbecb64e4b77e
SSDEEP: 1536:dx4Of/OCEEWJNyPZvrpjRriFP+zKtGafJ3a7EaGjTU:v4cGzEWzWtj9q0kNW3kw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8ddc1035ead2c7a7b7acf5ace170a6d9_JaffaCakes118
Files
8ddc1035ead2c7a7b7acf5ace170a6d9_JaffaCakes118.exe windows:4 windows x86 arch:x86
0eb33c8cf2018976281ef5885d22a9e2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
msvcrt: _controlfp
user32: DestroyWindow
advapi32: RegCloseKey
shell32: Shell_NotifyIconA
wininet: InternetGetConnectedState
ws2_32: WSACleanup
ole32: CoUninitialize
oleaut32: SysFreeString
version: GetFileVersionInfoA
gdi32: GetDeviceCaps
urlmon: URLDownloadToFileA
Sections
.text Size: 54KB - Virtual size: 176KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE