Static task: static1
Behavioral task: behavioral1
  Sample: dd00927a5b24905c5571ab1341ad444d_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: dd00927a5b24905c5571ab1341ad444d_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
  Target: dd00927a5b24905c5571ab1341ad444d_JaffaCakes118
  Size: 50KB
  MD5: dd00927a5b24905c5571ab1341ad444d
  SHA1: 4bbff01ad8534b52ded6266fa06ae9c442c42d97
  SHA256: 5f97b5da98898b79e744bb7c4936586b186f5ba3561b836dce3ce584fa85aafe
  SHA512: a465b0bbaff014c7252eee0036090082d50b90fe084521b70abbe2498521769f1508d09ae25396249053bda3d84066452800253ab51ecfd00084d750182fedb6
  SSDEEP: 1536:rsnTXcCHNEwqEWgwDrGtsNIzffB4icLF:rsnTX3qFDHjIzHB4R
Malware Config
Signatures
  Unsigned PE (1 IoC)
    Checks for missing Authenticode signature.
    Resource: dd00927a5b24905c5571ab1341ad444d_JaffaCakes118
Files
dd00927a5b24905c5571ab1341ad444d_JaffaCakes118.exe windows:4 windows x86 arch:x86
f726a0406f9c0299f388d857f4146ea5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32: DeviceIoControl, ExitProcess, GetFileAttributesExA, GetLogicalDriveStringsW, GetStdHandle, GetWindowsDirectoryA, HeapFree, LeaveCriticalSection, SetCommState, SetThreadAffinityMask, TerminateProcess, WaitForMultipleObjects, WriteProcessMemory, _llseek, lstrcmpW
  advapi32: BuildImpersonateExplicitAccessWithNameA, GetNamedSecurityInfoW, ImpersonateLoggedOnUser, InitializeSecurityDescriptor, ObjectDeleteAuditAlarmW, ObjectPrivilegeAuditAlarmA, OpenSCManagerA, RegEnumKeyW, RegQueryValueExA
  gdi32: AbortPath, CreateBitmapIndirect, CreateCompatibleDC, CreateDIBPatternBrush, CreateFontW, EnumEnhMetaFile, GetCharWidthFloatW, GetMapMode, GetMetaFileBitsEx, GetMetaFileW, GetRgnBox, GetTextExtentExPointA, PolyBezier, SetDIBitsToDevice
Sections
  .text Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .data Size: 49KB - Virtual size: 52KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE