Static task
static1
Behavioral task
behavioral1
Sample
e151da467a4caab286e99eee11ec592b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e151da467a4caab286e99eee11ec592b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: e151da467a4caab286e99eee11ec592b_JaffaCakes118
Size: 172KB
MD5: e151da467a4caab286e99eee11ec592b
SHA1: 591d6952fbe85149ccf133df602032fc137a2bfc
SHA256: 70fd50a366e37ef23641ccf5ecfa7a9ab00c876d191e73d237aa20c03461cb18
SHA512: a4d2eb2a20c419f52a5ab3ee9940e3c49850e3618a427468378ea15f3da48c95e3cd23e46ef7361fddbe939dcb55c5ebfde057c88df0aedb1bf393afc9f013e8
SSDEEP: 3072:KJzDexEXD4/W/PSYcCOmZtWe59NLhrPx1vXgViqbrjyw0FaWGRHoO:K9pXr/PSYcXmZp91H1/VurmwTl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e151da467a4caab286e99eee11ec592b_JaffaCakes118
Files
e151da467a4caab286e99eee11ec592b_JaffaCakes118.exe windows:4 windows x86 arch:x86
359f362318afb8ae1fb91ca8fc453c94
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathAddBackslashA
advapi32
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
user32
CharNextA
GetKeyState
wsprintfW
wsprintfA
MessageBoxA
CharUpperA
CharLowerA
kernel32
ReleaseSemaphore
InterlockedDecrement
TlsFree
GetStartupInfoA
WritePrivateProfileStringA
lstrcmpA
FileTimeToLocalFileTime
GetThreadIOPendingFlag
TerminateProcess
SetUnhandledExceptionFilter
SetStdHandle
InitializeCriticalSection
CreateSemaphoreA
GetTimeZoneInformation
TlsSetValue
GetEnvironmentStrings
RaiseException
GetACP
GetTempPathW
LoadLibraryA
HeapFree
UnmapViewOfFile
SetLastError
ExitThread
GetCurrentProcess
GetTempPathA
GetThreadPriority
CompareStringA
FreeEnvironmentStringsW
HeapSize
HeapAlloc
FreeLibrary
TransmitCommChar
GetFullPathNameW
ResetEvent
WaitForSingleObject
OutputDebugStringA
IsBadWritePtr
GetModuleFileNameA
GetFullPathNameA
GetDiskFreeSpaceExA
CreateMutexA
IsBadCodePtr
GetStringTypeW
FreeEnvironmentStringsA
HeapReAlloc
GetModuleHandleA
EnumResourceNamesW
WriteFile
GetEnvironmentVariableA
GetUserDefaultLCID
GetCommandLineA
GetPriorityClass
FlushFileBuffers
GetTempFileNameA
SetHandleCount
RtlUnwind
lstrcpyA
DeleteCriticalSection
InterlockedIncrement
CreateFileW
CompareStringW
ExitProcess
CreateThread
GetSystemTime
GlobalAlloc
CloseHandle
SetEvent
GlobalUnlock
GetCurrentThreadId
GetEnvironmentStringsW
GetLastError
TlsGetValue
HeapCreate
SetEndOfFile
GetStdHandle
GetTickCount
ExitProcess
FileTimeToSystemTime
WideCharToMultiByte
IsBadReadPtr
CreateFileMappingA
GetOEMCP
LCMapStringW
GetFileType
UnhandledExceptionFilter
Sleep
GetProcAddress
GetStringTypeA
LeaveCriticalSection
GetCPInfo
InterlockedExchange
HeapDestroy
IsDBCSLeadByte
EnterCriticalSection
lstrcmpW
GetPrivateProfileStringA
MapViewOfFile
SetPriorityClass
LCMapStringA
MultiByteToWideChar
TlsAlloc
LoadLibraryW
GlobalFree
SetEnvironmentVariableA
Sections
.text Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ