Static task
static1
Behavioral task
behavioral1
Sample
afd3b860db6f6aa08d56bda41603a376_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
afd3b860db6f6aa08d56bda41603a376_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
afd3b860db6f6aa08d56bda41603a376_JaffaCakes118
Size
144KB
MD5
afd3b860db6f6aa08d56bda41603a376
SHA1
15ed08a03c904a4bccf83c101f4dbd39fe7dbe64
SHA256
6f5d5689bc9fd3a7b43eba61c378f964ad986f539981fccb3b9a79eebd04ecef
SHA512
ace33a760c2eb814f34b621d7477c1d776332fdbb40fe3a99a64503d37378a6783863224a2731d930a102a5bbdb90f775d9dd9c7d20c4be48aa7c8477109e8c8
SSDEEP
3072:GltRiRKH6P4XBcFf81ETnXH1sC3leUDN+Fytc/dY7cJa9bH:Gl2X46d8knXHdgU85gcJabH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource afd3b860db6f6aa08d56bda41603a376_JaffaCakes118
Files
afd3b860db6f6aa08d56bda41603a376_JaffaCakes118.exe windows:4 windows x86 arch:x86
d804fecd9fdf23add60b86ccf25a5ad9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
LoadLibraryA
GetCurrentProcess
ExitProcess
CreateFileA
CloseHandle
user32
CharLowerBuffA
CreateWindowExA
SetWindowLongA
CloseWindow
wsprintfA
advapi32
RegCreateKeyA
RegQueryValueA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegCloseKey
Sections
. Size: 127KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
. Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.�9�1 Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ