Static task
static1
Behavioral task
behavioral1
Sample
968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118
-
Size
253KB
-
MD5
968b8cbee80000a9cbf4980d5fbfc6da
-
SHA1
f87775df7860e4e7aee37e221661579e4b3da67c
-
SHA256
a7124f2432a832338db25d7f8387152f830f36c4a26b327375331726ed89a99e
-
SHA512
1acc486ca9e3ae17c069d693677bdbbf2419354d8148032f974515d41358106f1fc5f4cbc70e8bff29953ce691e2fdcdfeedf73ad31d5f95c37e3782b2c03f01
-
SSDEEP
6144:end4rq3XxdtoX/gxlMcNUKaHvm3Tn7Bef0X4epd3IvCxUV759O+DUDjV:end/BbWIxlM8ymDd20X4epdYqSOOE
Malware Config
Signatures
-
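Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. A missing signature is a weak signal on its own, since many benign executables are also unsigned; weigh it together with the other static and behavioral findings.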
resource 968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118
Files
-
968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118.exe windows:4 windows x86 arch:x86
d6087ceb5acbe66a02e0fa86d1359aba
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
user32
GetLastActivePopup
EnumWindowStationsW
SetForegroundWindow
ShowWindow
GetWindowRect
IsIconic
SetRect
GetClientRect
dciman32
DCIBeginAccess
kernel32
GetProcessHeap
GetModuleHandleA
SetStdHandle
GetLastError
ExitProcess
FreeLibrary
CloseHandle
CompareStringW
ExitProcess
LoadLibraryA
Sections
.text Size: 179KB - Virtual size: 179KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 608B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
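.bore Size: 5KB - Virtual size: 121KB (non-standard section name; the virtual size is far larger than the raw size, so most of this section is zero-filled by the loader rather than read from the file)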
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ