d:\mmut\mutator8.3\tmp\90737bdb02b1e7e14c9ddd657a858f99\installator1.pdb
Static task
static1
Behavioral task
behavioral1
Sample
a0f5e34d9bbd6e6382bfdb669fe97a75_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a0f5e34d9bbd6e6382bfdb669fe97a75_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a0f5e34d9bbd6e6382bfdb669fe97a75_JaffaCakes118
Size
338KB
MD5
a0f5e34d9bbd6e6382bfdb669fe97a75
SHA1
03e61019d529414ed98a4ea810acdd1baa589cbf
SHA256
1b809e273c3007fa38b2aa1a5c1883bbc2cb26061ef12c1294e254cd54291f65
SHA512
d672f991d31074326b1e02fc657c8e22fef896fd9dd6e9b055c7ac43211244e2a247d24b1b8a0ec8e20d15533f7c19d7c1155fd32eadc837c35df0d787c2f0ae
SSDEEP
6144:8K8lXS4por1HzGE0ihKmBxAqmhC9WObfYNR3J5z7JJWD/ceOhfrZvpW:8K8lXS4por1HzGE0iMmB+qEC9FYn3J5z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a0f5e34d9bbd6e6382bfdb669fe97a75_JaffaCakes118
Files
a0f5e34d9bbd6e6382bfdb669fe97a75_JaffaCakes118.exe windows:5 windows x86 arch:x86
af0f471b5a369255eef37dbe69e3bc50
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
GetWindow
advapi32
RegEnumValueA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
LookupAccountSidA
GetTokenInformation
OpenProcessToken
ws2_32
WSAStartup
WSACleanup
wininet
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetReadFile
HttpQueryInfoA
netapi32
NetUserGetInfo
NetApiBufferFree
kernel32
RtlUnwind
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCompressedFileSizeA
GetCommandLineA
CloseHandle
UnlockFile
WriteFile
LockFile
SetFilePointer
ReadFile
CreateFileA
GetLogicalDriveStringsA
CreateMutexA
ExitProcess
OpenMutexA
Sleep
CreateProcessA
CopyFileA
GetModuleFileNameA
GetEnvironmentVariableA
GetShortPathNameA
GetCurrentProcess
MultiByteToWideChar
SetEnvironmentVariableA
CreateThread
SetFileAttributesA
GetLastError
CreateDirectoryA
GetLocalTime
GetVolumeInformationA
GetDriveTypeA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FindNextFileA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
IsDebuggerPresent
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
SetStdHandle
GetFullPathNameA
GetCurrentDirectoryA
HeapAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RaiseException
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
Sections
.text Size: 237KB - Virtual size: 236KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE