Static task: static1
Behavioral task: behavioral1
Sample: b2750792b0dec263622b7a106898307f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b2750792b0dec263622b7a106898307f_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b2750792b0dec263622b7a106898307f_JaffaCakes118
Size: 126KB
MD5: b2750792b0dec263622b7a106898307f
SHA1: 5b31634da11abc0c8510ca8a37cd600a126be6cd
SHA256: 981687bd87e36d836990ca1367069c8c333886b4d49b7d68ce15a5d1362f96bf
SHA512: 9287c253df449e27623ce72acf5053906ce091c3b9eedb7875da6c6a25b8ca842918aaf98d94cfcacb956a181f5d6523e4ddd7f0809299576cb93d32db3ad6ee
SSDEEP: 3072:0zfPOZE3rtF84oh03XPSVVKWLjOhReWrcJdc75u7k:0zfPn7tbosXPSVVKWmTe0Qdcl
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: b2750792b0dec263622b7a106898307f_JaffaCakes118
Files
-
b2750792b0dec263622b7a106898307f_JaffaCakes118.exe windows:4 windows x86 arch:x86
ed6e1c94ea2e5c66cf094d274b208bd2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ClearCommBreak
GetExitCodeProcess
CreateFileMappingA
ClearCommBreak
ReleaseMutex
QueryPerformanceCounter
EnumResourceNamesW
CreateMutexA
ExitProcess
ExitProcess
CreateProcessW
GetStartupInfoA
MapViewOfFile
user32
PeekMessageA
KillTimer
PostThreadMessageA
CharNextA
GetMessageA
CharUpperA
SetTimer
LoadStringA
rpcrt4
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
NdrClientCall
RpcStringFreeA
Sections
.text Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rscr Size: 512B - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ