Static task: static1
Behavioral task: behavioral1
Sample: 96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118
Size: 36KB
MD5: 96b63143e9743a9d029d48ea5ae3734c
SHA1: c9e2f75a7a0a1af03a8db3456fdd2574644c5b65
SHA256: 90f17c53155c19be364e8ec0351c52d3799ce7621dcb8cd8ba3ce2ff57eae6c8
SHA512: 726edd08ff1e2b5c5cc04640ff48fc1afb6cfebd40e03c511945a36f4525019fb737a4ddd2f313ccc2587514aec7ed40f511cda67d5d25303b1b2d685ad7609a
SSDEEP: 768:OjN8j/Gft5ZHfS/L5CI4yLH3/ZSOB+fhvvz:K6jO/Za/QIX73/Z8hvvz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118
Files
96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118.exe windows:5 windows x86 arch:x86
fe23cd1ef3959dcb275509d10002628b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEndOfFile
SetFileAttributesA
lstrlenA
FindClose
CreateMutexA
CreateDirectoryW
FindFirstFileW
GetWindowsDirectoryA
SetFilePointer
MoveFileA
ReadFile
GetCurrentProcessId
ReleaseSemaphore
GetUserDefaultLangID
WriteFile
QueryPerformanceCounter
FindResourceW
VirtualAlloc
CreateFileW
GetTempFileNameW
CloseHandle
VirtualQuery
SetVolumeLabelA
MultiByteToWideChar
GetTempPathW
GetSystemDirectoryW
CreateFileA
GetTickCount
SetLastError
SizeofResource
CreateSemaphoreA
LoadResource
GetCurrentProcess
InterlockedIncrement
GetCurrentThreadId
RemoveDirectoryW
IsBadReadPtr
DeleteFileW
GetVersionExA
GetFileSize
DeviceIoControl
VirtualUnlock
GetPrivateProfileStringW
InterlockedDecrement
HeapFree
GetSystemTime
lstrcmpiA
ReleaseMutex
LockResource
GetSystemDefaultLangID
GetProcessHeap
GetStartupInfoA
UnhandledExceptionFilter
GetLastError
LocalFree
GetSystemTimeAsFileTime
HeapAlloc
GetFileAttributesW
VirtualLock
SetUnhandledExceptionFilter
GetPrivateProfileIntW
FindNextFileW
VirtualFree
user32
SetDlgItemTextA
DialogBoxIndirectParamA
ReleaseDC
EnableWindow
CallWindowProcA
EndDialog
SetWindowLongA
CharPrevA
MessageBoxA
CharUpperA
SetForegroundWindow
CharNextA
SendDlgItemMessageA
SetWindowPos
ExitWindowsEx
GetDC
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
GetWindowLongA
MessageBeep
wsprintfA
SendMessageA
GetWindowRect
GetDlgItemTextA
LoadStringA
GetDesktopWindow
GetDlgItem
SetWindowTextA
ShowWindow
gdi32
DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA
advapi32
CryptAcquireContextA
CryptGetHashParam
RegOpenKeyExA
CryptHashData
RegQueryValueExA
CryptCreateHash
CryptDestroyHash
RegCloseKey
ole32
CoGetInterfaceAndReleaseStream
CLSIDFromProgID
OleInitialize
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
ntdll
NtQueryObject
RtlEqualUnicodeString
RtlCreateSecurityDescriptor
RtlInitUnicodeString
RtlGetDaclSecurityDescriptor
NtQuerySecurityObject
RtlSetDaclSecurityDescriptor
NtSetSecurityObject
RtlInitAnsiString
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lvbe Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 139KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ