Static task: static1
Behavioral task: behavioral1
Sample: abdd576e00553093813de25bd5c4173a_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: abdd576e00553093813de25bd5c4173a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: abdd576e00553093813de25bd5c4173a_JaffaCakes118
Size: 87KB
MD5: abdd576e00553093813de25bd5c4173a
SHA1: 7aeb11b1d18d3fa268e295889ae5c3abbfda7f30
SHA256: 581d460227b1eb3cde92ef7611dda2e64748e3c8586085a37781efdf1fc674f3
SHA512: 647546371b3e1d4165f2e4c9fe18ea5c1266d4c0b4e1819ee15380ae1f753355a6795ecbba353dc01968f143b744e36b1d007ecfc937ea22fd5a2a52f5b749e2
SSDEEP: 1536:TexBh6owmWWvCtqH7aNBmexy9p9BlYYyQJF/jWDmLwSJwKrVOS:QBh6h9WvSqba239VlB3/jImLzwKr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource abdd576e00553093813de25bd5c4173a_JaffaCakes118
Files
abdd576e00553093813de25bd5c4173a_JaffaCakes118.exe windows:4 windows x86 arch:x86
4e85f51a319deb7849c5b7035fac5e99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColor
FrameRect
GetMessageA
GetScrollPos
EnableMenuItem
SetWindowPos
EnumWindows
EqualRect
GetSubMenu
UnhookWindowsHookEx
GetSysColorBrush
PostQuitMessage
SetWindowTextA
kernel32
GetCurrentProcessId
RtlUnwind
FileTimeToSystemTime
GetFileAttributesA
ExitProcess
GetTimeZoneInformation
VirtualAllocEx
GetOEMCP
GetStartupInfoA
GetThreadLocale
InterlockedExchange
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetACP
GetTickCount
GetTempPathA
gdi32
SetViewportExtEx
DPtoLP
GetMapMode
SelectClipPath
ExcludeClipRect
CopyEnhMetaFileA
CreateCompatibleBitmap
FillRgn
CreateICW
ole32
CoCreateInstance
CoRevokeClassObject
DoDragDrop
CoTaskMemRealloc
StgOpenStorage
CoInitializeSecurity
OleRun
StringFromGUID2
CoInitialize
advapi32
GetUserNameA
QueryServiceStatus
FreeSid
RegCreateKeyExW
GetSecurityDescriptorDacl
CheckTokenMembership
CryptHashData
RegQueryValueExW
AdjustTokenPrivileges
RegCreateKeyA
msvcrt
strlen
fprintf
__getmainargs
_strdup
strcspn
_fdopen
signal
fflush
iswspace
strncpy
_lock
__initenv
raise
puts
__setusermatherr
_mbscmp
_CIpow
_flsbuf
comctl32
ImageList_LoadImageW
ImageList_SetIconSize
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_ReplaceIcon
InitCommonControls
ImageList_DragEnter
ImageList_GetIconSize
ImageList_Write
ImageList_Destroy
ImageList_GetBkColor
ImageList_DrawEx
ImageList_GetIcon
shell32
DragAcceptFiles
DragQueryFileA
SHGetPathFromIDList
ShellExecuteEx
SHBrowseForFolderA
DoEnvironmentSubstW
ExtractIconExW
CommandLineToArgvW
DragQueryFileW
ExtractIconW
ShellExecuteW
oleaut32
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayCreate
VariantCopy
SysReAllocStringLen
SafeArrayRedim
SafeArrayGetUBound
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE