Static task: static1
Behavioral task: behavioral1
Sample: d28d3bf5188875a86939bd0ab7953b34_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d28d3bf5188875a86939bd0ab7953b34_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d28d3bf5188875a86939bd0ab7953b34_JaffaCakes118
Size: 902KB
MD5: d28d3bf5188875a86939bd0ab7953b34
SHA1: 8a2b43c2d60bf827601d97aa5269bbd63b42d830
SHA256: 1b658f8f52be4a4f8fed7d7059a882f859443d80830d87e14dc132455795bb8f
SHA512: 21fe02b2cd95cf9817933a3c670ffa67f72760b00323725c6b625a5ac7b804bd5cbefd700fa55bfa6b72859546cd48f891f28ecca82bff0ec3637dc295e4507d
SSDEEP: 12288:A7XiOLHkT0M8U2wO3kUbLxxis60I3pqVt5U:EXhHo0xU22UvxvI5qV3U
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d28d3bf5188875a86939bd0ab7953b34_JaffaCakes118
Files
d28d3bf5188875a86939bd0ab7953b34_JaffaCakes118.exe windows:4 windows x86 arch:x86
dd9da3d3f5e7bfad06abd247e259c4a2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
GetProcAddress
GlobalAlloc
LoadLibraryA
GlobalFree
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA
user32
MessageBoxA
MessageBoxA
MessageBoxA
MessageBoxA
Sections
BuzzME Size: 901KB - Virtual size: 901KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE