Static task: static1
Behavioral task: behavioral1
Sample: d21e3339a47aeac2c2184698178240f9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d21e3339a47aeac2c2184698178240f9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d21e3339a47aeac2c2184698178240f9_JaffaCakes118
Size: 20KB
MD5: d21e3339a47aeac2c2184698178240f9
SHA1: 06a35ca34810d970f91d88e029119f82e21e03fd
SHA256: dd10f36cb6bbb5c5f4fdd920a992abda172a65a9a91ebd90ae940ca627a07b16
SHA512: 61989ad59f2b6f9a0ff9731e8c8ddd9d9cdad021a5f2b76c6be9af80b9b477855ca9205ffe1ffab75adaa1ae8233741c66904a5ef6ad624329c9482e19e295f7
SSDEEP: 384:ySNUJYb9eVFK2dbl1LN7W7NE+IAaFREbpyYGOF:ydJG9eVB1h7WBMEgI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d21e3339a47aeac2c2184698178240f9_JaffaCakes118
Files
d21e3339a47aeac2c2184698178240f9_JaffaCakes118.exe windows:4 windows x86 arch:x86
b4bccbfb1617824748b7eb8757fcf556
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA
ForceNexusLookupExW
FtpOpenFileA
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA
comdlg32
GetOpenFileNameA
LoadAlterBitmap
dwOKSubclass
dwLBSubclass
PageSetupDlgA
ChooseFontA
kernel32
DuplicateHandle
ExitThread
TerminateThread
WriteFile
Sections
.text Size: 13KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE