Static task
static1
Behavioral task
behavioral1
Sample
d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118
Size
124KB
MD5
d6725f00979831b7ef2a1b50ddeb9b98
SHA1
89317aea684ce3651a96e39728f72a719b5529c5
SHA256
b55c9007e68218aad703974a6568bbc34a3b334ba32c748e5b8c6abde6b800e5
SHA512
6a7ed61f851b099abf11d6a72d10968fc433eb17e2cb52670f616043153b4fa4f87a9f0e077ce414b1c36110f74bde28f2b1a5cb19558bfc18d06a6578abc4df
SSDEEP
1536:ij66m+CyoPOSbDTibV8yJiEzTtgbHBxol4jRnLGqmJpPET6FtR0gGpyqkRe6FZZ7:D6mtGmDTiCoi2tOxolNqApsT+qxkT9o
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118
Files
d6725f00979831b7ef2a1b50ddeb9b98_JaffaCakes118.exe windows:4 windows x86 arch:x86
f8f107c8e0f70045772c41b6b54800be
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReleaseMutex
DeleteFileA
CreateMutexA
SetEvent
WaitForMultipleObjects
SetThreadPriority
GetTempPathA
SetFileAttributesA
GetTickCount
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
CreateEventA
GetLastError
CloseHandle
ExitProcess
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
WaitForSingleObject
GetCurrentProcess
CreateProcessA
GetSystemDirectoryA
CopyFileA
GetModuleFileNameA
OpenMutexA
OpenEventA
HeapSize
SetFilePointer
TerminateProcess
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
SetEnvironmentVariableA
Sleep
SetHandleCount
IsBadCodePtr
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RtlUnwind
HeapAlloc
HeapFree
ReadFile
IsBadReadPtr
WriteFile
VirtualAlloc
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
advapi32
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
CreateServiceA
StartServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey
ws2_32
accept
listen
setsockopt
recvfrom
sendto
getpeername
htonl
bind
WSASetLastError
gethostname
htons
inet_addr
socket
WSAGetLastError
select
__WSAFDIsSet
closesocket
send
recv
gethostbyname
WSAStartup
connect
ioctlsocket
Sections
.text Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 12KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ