Static task: static1
Behavioral task: behavioral1
Sample: bf66071d85843b2d6a2598b0fd72a7d9_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: bf66071d85843b2d6a2598b0fd72a7d9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bf66071d85843b2d6a2598b0fd72a7d9_JaffaCakes118
Size: 188KB
MD5: bf66071d85843b2d6a2598b0fd72a7d9
SHA1: 05285f5714291c562a609f3bdb4192a150457d65
SHA256: 6276dfbbf7d03b7918ca2b6d92221af73adffa74d36e5a70acfb867fb5f42046
SHA512: 18c5beda899b392e997d7ad01ed11a9258d0adbcb43a537b44f433d4f7c81512c5ea8fe9231f9abcc20d996fc327ce4cae1ac92c8dc5f0a6e1953271e3bb0c32
SSDEEP: 3072:ILdsRGAvZUC/56HjiTFZJVmhSRVmprr/nNPkAXk9s55hFkzENtT1LSJZDppHi:ILdsMAvKC/5nF1mwOrnyNO55jtNtT1em
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf66071d85843b2d6a2598b0fd72a7d9_JaffaCakes118
Files
bf66071d85843b2d6a2598b0fd72a7d9_JaffaCakes118.exe windows:4 windows x86 arch:x86
737fce661c5c30e6eb4f4fb7e87746d8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
LCMapStringA
LoadLibraryA
CreateFileA
CloseHandle
ExitProcess
user32
SetWindowLongA
CharLowerBuffA
CreateWindowExA
CloseWindow
wsprintfA
advapi32
RegCloseKey
RegEnumValueA
RegOpenKeyA
RegCreateKeyA
RegQueryValueA
RegDeleteValueA
RegSetValueA
RegEnumKeyA
RegDeleteKeyA
Sections
.text Size: 146KB - Virtual size: 148KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ