Static task: static1
Behavioral task: behavioral1
Sample: a8c1038519de67270b16cc68c2991bb8_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: a8c1038519de67270b16cc68c2991bb8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a8c1038519de67270b16cc68c2991bb8_JaffaCakes118
Size: 178KB
MD5: a8c1038519de67270b16cc68c2991bb8
SHA1: 3e69255446283259357a3313cc7e4de4325c1b60
SHA256: 6d052ea514dba7fe600ff3b0a4343db2395afba9bdad85a5057bfeae36a83583
SHA512: 879d0c25040db6dbbf5d8871c93dfe053f9bffd8fe3b37f5bdcf72249e8e1ca431c756762edf2a40b155d7e2efdbb8d0323f2da4d69473fb39718217ac268138
SSDEEP: 3072:3Hvu5x3UtXZDlS6SgETiRwcPcvEr531O4KzRAH8eUZzxwHe:/i3UtXZDldSgEcbyu5FbKzRAce
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a8c1038519de67270b16cc68c2991bb8_JaffaCakes118
Files
a8c1038519de67270b16cc68c2991bb8_JaffaCakes118.exe windows:4 windows x86 arch:x86
a2095218b073bcfb9b6d5e08bd46ef6e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
GetShortPathNameA
GetCurrentProcessId
UnhandledExceptionFilter
GetHandleInformation
CloseHandle
EnumResourceTypesW
GetModuleHandleW
LoadLibraryW
ExitProcess
GetProcAddress
CreateFileW
GetLastError
GlobalFree
GetVersionExW
ole32
StgCreateDocfile
StgOpenStorage
msvfw32
ICOpen
ICSendMessage
ICClose
ICDecompress
user32
DestroyMenu
TrackPopupMenuEx
SetParent
GetFocus
GetDesktopWindow
RedrawWindow
IsWindow
LoadCursorW
InvalidateRect
SetWindowPos
ClipCursor
SetCursor
CreatePopupMenu
EnableWindow
PtInRect
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ