I:\kjazPGYafcxlI\imKxoTYlvwem\gefoCOdlj.pdb
Static task
static1
Behavioral task
behavioral1
Sample
d050948baeb9ab064787fa72557500df_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d050948baeb9ab064787fa72557500df_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: d050948baeb9ab064787fa72557500df_JaffaCakes118
Size: 70KB
MD5: d050948baeb9ab064787fa72557500df
SHA1: 07ae1ffde94aacce0dae103ada0502e62f60b609
SHA256: 73c34a153c0d719fa989084b668cc64d05d4afd8b6a3872263f231c485b6fd4c
SHA512: 2795d5cc24fa411ff99d0f580ab0289e76bd979b09540508485b72deec23a5987183d7e4586ab5ee73644beeb74d77a0aa0012a33ca825a1c52b76f719146159
SSDEEP: 768:Ps6A48uP8YytJZaFlVzynZoZo4TvyK4jpZjNHw+1IhxMWZ9lTZZ8tLBs5tc6Eq2o:GWP9/Vzyn234jdw+krlTkeaFR8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d050948baeb9ab064787fa72557500df_JaffaCakes118
Files
d050948baeb9ab064787fa72557500df_JaffaCakes118.exe windows:5 windows x86 arch:x86
d446fe7fff6d4e422a9f5d36ebb3222b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
StrRChrW
StrFormatByteSize64A
kernel32
LoadLibraryExW
SetThreadExecutionState
EnterCriticalSection
GetModuleHandleA
LoadResource
UnlockFile
LoadLibraryA
HeapLock
msvcrt
_controlfp
__set_app_type
perror
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
putc
__setusermatherr
strcspn
__getmainargs
gdi32
GetDIBits
RoundRect
CreatePolygonRgn
ResizePalette
CreateRoundRectRgn
RectVisible
user32
IsCharAlphaW
SendMessageW
wsprintfA
WaitForInputIdle
wvsprintfW
EnableScrollBar
EnumChildWindows
GetWindowTextW
Exports
?FutureProspect@@YGHPADK|U
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE