Static task
static1
Behavioral task
behavioral1
Sample
9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118
Size: 51KB
MD5: 9617923cee4f84a52dd16a1d6c1b7176
SHA1: 5d82400ee6220c3d69ffc335889ee039e576fbae
SHA256: bfb01a0dbf7558484cbd254a2d432fa6bf3d595fa7ccd719101219fa4f28fb61
SHA512: 43ce27728d2268bdf0db42b2633d9ecec13c2589acdad8f07f9270f3bcb143c0c35da23ac843b2ebaa3847517049d719b4bbbe55f7905ce84217f12becc9d6ed
SSDEEP: 1536:xIZ5MtjVLXhrIEe9aCVhd5q2gwsWlKeaY:xIZ5MtZLXhrIEeaoAY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118
Files
9617923cee4f84a52dd16a1d6c1b7176_JaffaCakes118.exe windows:5 windows x86 arch:x86
262c8ccdb8bd12565a62ff001d021fc4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
Imports
advapi32
CryptAcquireContextW
CryptDestroyHash
CryptHashData
GetUserNameW
RegCloseKey
RegCreateKeyExA
RegSetValueExA
shlwapi
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIW
StrStrW
wvnsprintfA
user32
DrawIcon
GetCursorPos
GetDlgItem
GetForegroundWindow
GetMessageA
GetWindowThreadProcessId
OpenDesktopA
PeekMessageA
SetMenuItemInfoW
Sections
.pkz Size: 42KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ercd Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rif Size: 5KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ