Tasks
static1: Static task
behavioral1: Behavioral task - Sample: b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118.exe - Resource: win7-20240705-en
behavioral2: Behavioral task - Sample: b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118.exe - Resource: win10v2004-20240802-en
General
Target: b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118
Size: 101KB
MD5: b3b9e512395bc249fe62091eb1619fc2
SHA1: 06bdde0d1c2bbca7875278ffe9844e8ced411aa3
SHA256: 1a7ad7a58a701995167645403f8f6df7afa6ef55320e409f8849cbf03b2aff09
SHA512: 80933f43895d1ec2f951ac6815dc2068d5e4a3446d3346e3796f65eec44e25917d56d1045ca3317b651cb0f31cca92e2fee353b4d7980d99b9cf8ede4c62b858
SSDEEP: 1536:ZmkThJf6UOKexz2kMt7MzuWt0bJhJGoXIio2IVctmje6Lfc6EWSQlGXN5:ZZBOzxyeuzbJaTxEmPlG95
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the file carries no embedded code-signing certificate, so its publisher cannot be established from the binary itself. On its own this is a weak indicator, since a great deal of legitimate software is also shipped unsigned.
resource: b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118
Files
b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118.exe windows:4 windows x86 arch:x86
fa967da7d6344dca4d965eadc0f5a946
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDC
GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage
kernel32
lstrcmpiA
GetModuleHandleA
GetSystemTime
DeleteFileA
VirtualAlloc
GetWindowsDirectoryA
CopyFileA
QueryPerformanceCounter
lstrlenW
VirtualFree
lstrlenA
RemoveDirectoryA
RemoveDirectoryW
FindClose
lstrcmpiW
lstrcmpA
GetCommandLineA
GlobalFindAtomA
gdi32
CreateFontIndirectA
GetDeviceCaps
CreatePalette
DeleteObject
SetStretchBltMode
CreateCompatibleDC
SaveDC
SetTextColor
RectVisible
GetTextMetricsA
GetObjectA
LineTo
RestoreDC
SelectObject
GetClipBox
SelectPalette
GetStockObject
GetPixel
DeleteDC
SetTextAlign
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
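As an added example, not part of the sandbox report or of the tool that produced it, the following pure-Python parser reproduces the three static checks shown above from raw PE bytes: it decodes the File Characteristics flags from the COFF header, applies the same "Unsigned PE" test by checking whether the IMAGE_DIRECTORY_ENTRY_SECURITY data directory is empty, and lists each section with its characteristics. It goes one step beyond the report by flagging any section that is both writable and executable. The bytes returned by build_test_pe() are a constructed PE32 skeleton that mirrors the header and section flags listed above; they are not the sample's bytes. Offsets and flag values are taken from the PE/COFF specification; the script name pe_triage.py in the usage note is assumed.

```python
import struct

# Flag values are the real constants from winnt.h.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot holding the WIN_CERTIFICATE table


def flag_names(value, table):
    """Expand a characteristics bitmask into the flag names the report prints."""
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse DOS/COFF/optional headers and the section table from raw PE bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, DataDirectory at +96
        count_off, dir_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: NumberOfRvaAndSizes at +108, DataDirectory at +112
        count_off, dir_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    dir_count = struct.unpack_from("<I", data, count_off)[0]
    cert_size = 0
    if dir_count > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        _, cert_size = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, sch = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": flag_names(sch, SECTION_CHARACTERISTICS),
            # Writable + executable in one section is a common packer / self-modifying-code trait.
            "writable_executable": bool(sch & 0x80000000) and bool(sch & 0x20000000),
        })
    return {
        "machine": machine,
        "file_characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        # "Unsigned PE": an empty security directory means no Authenticode blob is embedded.
        # A non-empty one only proves a blob exists; it does not validate the signature.
        "authenticode_present": cert_size != 0,
        "sections": sections,
    }


def build_test_pe(signed=False):
    """Constructed sample input: a non-runnable PE32 skeleton that mirrors the header
    characteristics and the three sections listed in the report. Not the sample's bytes."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)                   # e_lfanew = 0x40
    secs = [(b".text", 26 * 1024, 27 * 1024, 0x60000020),                    # CODE|EXECUTE|READ
            (b".data", 46 * 1024, 47 * 1024, 0xC0000040),                    # INIT_DATA|READ|WRITE
            (b".rsrc", 26 * 1024, 26 * 1024, 0x40000040)]                    # INIT_DATA|READ
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x0103)  # i386, 3 sections
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                                    # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                                      # 16 data directories
    if signed:  # fake WIN_CERTIFICATE file offset and size, just to make the directory non-empty
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x20000, 0x800)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, ch)
                     for n, vs, rs, ch in secs)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_test_pe()
    info = parse_pe(data)
    print("File characteristics:", ", ".join(info["file_characteristics"]))
    print("Authenticode present:", info["authenticode_present"])
    for s in info["sections"]:
        print("%-8s raw=%6d virt=%6d %s%s" % (s["name"], s["raw_size"], s["virtual_size"],
              " ".join(s["flags"]), "  <-- W+X" if s["writable_executable"] else ""))
```

Run as `python pe_triage.py <file.exe>` to triage a real binary; with no argument it parses the constructed skeleton and prints the same characteristics and section flags the report lists. The Authenticode check deliberately stops at "blob present or not": verifying the PKCS#7 signature itself needs the Windows trust APIs or a library such as osslsigncode, which is outside what a quick static triage pass does.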