J:\OsdbJaHzl\ectuuuO\rDpshvmh.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 9771227addc1063994ea8c94059336a0_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 9771227addc1063994ea8c94059336a0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 9771227addc1063994ea8c94059336a0_JaffaCakes118
Size: 161KB
MD5: 9771227addc1063994ea8c94059336a0
SHA1: c4bccc3731fa980254e7ab4098859d016e47c4d3
SHA256: 74a1dafd956925d964db95d61a9ff4d6218b54fdfbd7dfda6224b52e7137c089
SHA512: ae58007c31eb131616001819cd846461b39b6164038bc985bc8fab6a41c4f66e96c8195a6444b0b6c057ade0813b97172d89846d82483256608923ad2ed25b6f
SSDEEP: 3072:pvYObcHnhiunzxrsWtkZE0qRnZBOMqo+MC8ycQoGdFs2e:pwObcHnQqxr/tXvRnZBOMHNPycfcO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9771227addc1063994ea8c94059336a0_JaffaCakes118
Files
9771227addc1063994ea8c94059336a0_JaffaCakes118.exe windows:5 windows x86 arch:x86
1652086cbb8f64507b85cdad9abd1a41
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
RegisterClassA
GetAsyncKeyState
FillRect
GetMessageW
FindWindowW
GetMenuItemCount
SendDlgItemMessageA
GetSystemMenu
GetClassInfoW
DrawFrameControl
SetFocus
CallWindowProcW
TrackPopupMenu
GetDlgItemTextW
GetKeyboardLayoutNameW
GetClassNameW
GetMessageExtraInfo
DefFrameProcA
GetWindowDC
MonitorFromPoint
GetMessageTime
SetDlgItemInt
DefDlgProcA
IsCharAlphaNumericW
KillTimer
LoadBitmapW
IsWindow
DispatchMessageW
GetSubMenu
RegisterClassExW
IsWindowEnabled
GetDlgItem
TranslateAcceleratorA
SetClassLongW
MessageBoxExA
DefDlgProcW
MapVirtualKeyExW
IsCharAlphaW
LoadIconW
IsDlgButtonChecked
FrameRect
LoadImageW
ExitWindowsEx
SetSysColors
shlwapi
StrToIntExA
ord29
kernel32
HeapFree
SetHandleCount
ReleaseMutex
SetThreadAffinityMask
GetModuleHandleA
GetBinaryTypeW
EnumSystemLocalesA
FindResourceW
GetSystemWindowsDirectoryA
FindFirstFileA
VirtualQuery
GetPriorityClass
lstrcpyW
HeapReAlloc
GetThreadLocale
HeapCreate
GetVersion
LoadLibraryW
CreateNamedPipeW
GetSystemTimeAsFileTime
GetTickCount
SetHandleInformation
IsDBCSLeadByte
msvcrt
getenv
_controlfp
strerror
__set_app_type
__p__fmode
__p__commode
swscanf
_amsg_exit
mbstowcs
vswprintf
_initterm
_acmdln
exit
strcpy
_ismbblead
iswspace
setvbuf
_XcptFilter
_exit
_cexit
setlocale
__setusermatherr
__getmainargs
wcstok
perror
vsprintf
strstr
gdi32
TranslateCharsetInfo
GetTextExtentPointW
EndPath
SetTextColor
RestoreDC
GetTextExtentPoint32A
RectInRegion
StretchBlt
GetCharWidth32W
OffsetViewportOrgEx
SetViewportExtEx
RectVisible
BeginPath
BitBlt
GetBitmapBits
ExtTextOutA
SelectPalette
AddFontResourceW
GetTextCharsetInfo
comctl32
ImageList_Destroy
CreateStatusWindowW
PropertySheetW
ImageList_Remove
ImageList_Draw
Exports
?CopyFullNameOriginal@@YGPAGPAHPAJPAGJ~U
?ModifyCommandLineExW@@YGPANNKPAIPAF~U
?ModifyTaskNew@@YGXPAJGPAF~U
?SendHeight@@YGPAXNK~U
?SendComponentOld@@YGMFM~U
?ShowAppNameEx@@YGHMIPAF~U
?DumpDigitalDataCBhJEB@@YGKGHE@Z
?CallEventEx@@YGKPAIPAGPAI~U
?CloseListItemW@@YGGPAI~U
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.init Size: 1024B - Virtual size: 536B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tidat Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tedat Size: 1024B - Virtual size: 547B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 760B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.alloc Size: - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ