Static task
static1
Behavioral task
behavioral1
Sample
bd19b533336e75dbeddbe23b99949be8_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bd19b533336e75dbeddbe23b99949be8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bd19b533336e75dbeddbe23b99949be8_JaffaCakes118
Size
26KB
MD5
bd19b533336e75dbeddbe23b99949be8
SHA1
771c817d5256ceac739a39496e573d9b86292cfa
SHA256
8f178eea49c6ced872ce36dc6c982e3195fbdf522feb6eb4a179183292a4910e
SHA512
c16c02cd64d32f5f149e8e6653843bc0cd2fd6ae5e73987bda1b17a31bc88d214edf9c8b0930405f2af5680fb85f314a02008a93641b989ef6bbdc7f6f6080cf
SSDEEP
384:zM/ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccu:zg7UTyiWyNI7ex/UJg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bd19b533336e75dbeddbe23b99949be8_JaffaCakes118
Files
bd19b533336e75dbeddbe23b99949be8_JaffaCakes118.exe windows:4 windows x86 arch:x86
14e9aa11f94524876768e821fa4efe02
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
GetFileSize
CreateEventA
lstrcatA
GlobalFree
GetVersionExA
GetStdHandle
GetLastError
LocalFree
GlobalAlloc
Sleep
lstrcpyA
GetStartupInfoA
GetTickCount
LocalAlloc
user32
EndDialog
DispatchMessageA
GetMessageA
BeginPaint
SetFocus
DefWindowProcA
LoadIconA
PostQuitMessage
GetClientRect
ShowWindow
DestroyWindow
GetSysColor
GetFocus
MessageBoxA
CreateWindowExA
GetWindowRect
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1014B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ