Medfktbrh
CloseRjkalpfo
GetVtwydlyyc
Ecdgkplyq
Jttcxdwec
Niheanw
AddTdfqfdlstiu
Ukcobxjjpw
Gohsmsf
Vcjcxgvgv
ClosePkbnoijky
Okamxuepd
Wtylthlgwl
Rnbjabcvdm
SetJwxpvljme
Nbkdecvkvss
OpenUtpacwm
BeginLoqxxex
ReadYdhgcqg
Wmgadbgdh
Static task
static1
Behavioral task
behavioral1
Sample
d1998fb7d8a1d1ef16464339fa8da9b2_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d1998fb7d8a1d1ef16464339fa8da9b2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Target
d1998fb7d8a1d1ef16464339fa8da9b2_JaffaCakes118
Size
131KB
MD5
d1998fb7d8a1d1ef16464339fa8da9b2
SHA1
db1edc649f81d1ff89da2d902e70d8386f524a1f
SHA256
9988953ca0914854a4d4823de425d7abc451956f782ca23384798036fd58c0aa
SHA512
48e6d51938d1859c2c934ac544e6d6d942f70d704519b25bc50504ad1d957f86acd175e13a09b46da12f6813f2350240eea0abf2cd7583a6d0ff1de311fd0c35
SSDEEP
3072:0Mi2ARmhZXFoYMGSXq4CDfOR9eSeRxNaGNQJxTAB7sygnYulXlO6:0Mp8mPdZ6CDOVeZasNQJlXE6
Checks for missing Authenticode signature.
resource |
---|
d1998fb7d8a1d1ef16464339fa8da9b2_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
ExitProcess
EnumSystemGeoID
HeapAlloc
lstrcmpA
LocalFlags
FindFirstVolumeA
GetLogicalDriveStringsA
CallNamedPipeA
ReplaceFile
GetPrivateProfileStructA
GetLogicalDrives
OpenFileMappingA
GetConsoleScreenBufferInfo
PeekNamedPipe
GetFullPathNameA
FindResourceExW
LZDone
GetProcessHeaps
GetDefaultCommConfigA
VirtualAllocEx
Medfktbrh
CloseRjkalpfo
GetVtwydlyyc
Ecdgkplyq
Jttcxdwec
Niheanw
AddTdfqfdlstiu
Ukcobxjjpw
Gohsmsf
Vcjcxgvgv
ClosePkbnoijky
Okamxuepd
Wtylthlgwl
Rnbjabcvdm
SetJwxpvljme
Nbkdecvkvss
OpenUtpacwm
BeginLoqxxex
ReadYdhgcqg
Wmgadbgdh
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ