Static task: static1
Behavioral task: behavioral1
Sample: e0db998d5b8f0b17c5935852a3bec05e_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e0db998d5b8f0b17c5935852a3bec05e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: e0db998d5b8f0b17c5935852a3bec05e_JaffaCakes118
Size: 60KB
MD5: e0db998d5b8f0b17c5935852a3bec05e
SHA1: 16c2c1e5d712b5e80ae587adc6fe1213c6654e0a
SHA256: 331056194b77247b2aedf0fdceb432b2ad2bb8ea66047efec97ffe51c34e80f0
SHA512: 9f97f20cba0a197cbe59099f474ed6cd4c45eacda08dfae08f0e124c48f8817730fd7ab227ee3c3220960fc5835e5b445f1869fa26c75b75a229c0ae0ff3c465
SSDEEP: 768:+/GrTVm/g3MBK08Q/4V39N8djD5zgZh8TmB3GYTF/pZs2HX+PQJOKnLG1TCEkWi:xdm/g3sK082S3cdnVYu0GYTPZsHELX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e0db998d5b8f0b17c5935852a3bec05e_JaffaCakes118
Files
e0db998d5b8f0b17c5935852a3bec05e_JaffaCakes118.exe windows:4 windows x86 arch:x86
27fb1e8f06caed7fece7c6d8ce53f4b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ConvertDefaultLocale
CreateSocketHandle
EnumResourceNamesW
ExitProcess
IsBadHugeWritePtr
OpenEventW
OpenFileMappingA
SuspendThread
advapi32
AdjustTokenPrivileges
ConvertSecurityDescriptorToAccessA
CryptAcquireContextA
FreeSid
ImpersonateLoggedOnUser
RegConnectRegistryW
RegEnumValueA
RegRestoreKeyA
RegSaveKeyA
StartServiceCtrlDispatcherW
user32
AppendMenuW
ChangeClipboardChain
CharToOemBuffA
CreateMDIWindowA
EndPaint
EnumDisplaySettingsExW
EnumPropsExA
PeekMessageW
SetClipboardData
SetSysColorsTemp
SetWindowsHookW
WINNLSEnableIME
WINNLSGetEnableStatus
Sections
.text Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE