Static task
static1
Behavioral task
behavioral1
Sample
bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118
Size
133KB
MD5
bfe26fe3dc82212b88aa07e54eb5e330
SHA1
6cc05f61919431e274a3d817719eea4c48b1c83d
SHA256
698258d5ae9f939f1af465a553f7c2d55d69c36116eec481fe7f4b63b890b565
SHA512
ef3887fbdd333e9f8a57e39e8e0502b8a8a3123fb815bd9cddf5834948c6731cca1683cf68f69e583c13defe34ac1bf7ae69122e992bedeb7f0e6dd6e7a2f33b
SSDEEP
3072:h1Z1wotKpIww3w1Ew7EDstGyq4MgZUadf:rwR5wAmw7OstiVM5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118
Files
bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118.exe windows:4 windows x86 arch:x86
79516ed0e217712bc6bbea229986e208
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
ole32
CoUninitialize
CoFileTimeNow
StgOpenStorage
CoCreateInstance
CoInitialize
shell32
SHGetSpecialFolderPathW
ShellExecuteExW
kernel32
VirtualProtect
LoadResource
GetCurrentProcessId
OpenFile
SetEndOfFile
TlsAlloc
EnumResourceNamesW
GetVersionExA
GetCurrentThreadId
TlsFree
TlsGetValue
ExitProcess
GetUserDefaultLCID
TlsSetValue
LoadLibraryExA
GetModuleHandleW
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 792B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ