Static task
static1
Behavioral task
behavioral1
Sample
e2074c2baa1726b20a94267255e853e8_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e2074c2baa1726b20a94267255e853e8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e2074c2baa1726b20a94267255e853e8_JaffaCakes118
Size
372KB
MD5
e2074c2baa1726b20a94267255e853e8
SHA1
e40b99ebcd45b3bccccc04086b14b1b88c17071b
SHA256
6c2715afbb9fb12cd06881b58fbd6d6e2e856c0b2dd33c3cbb49ceab8b502018
SHA512
6eac77731c46279fb049d43ee4ad6c022f458db3fc1bacd449e7922fdc77204c1e2fa78173613847ce469dec5c5ec43a3364e8e162d8223591470b12371c5b09
SSDEEP
6144:QaFIVrDo7/IQR0zJLjFY/dwmek/mBWyUunLhqWMcwSaPTDk8WCDIQvJ/+A:bUex0z/Y/uk/XunFPvYHDWMIi+A
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e2074c2baa1726b20a94267255e853e8_JaffaCakes118
Files
e2074c2baa1726b20a94267255e853e8_JaffaCakes118.exe windows:4 windows x86 arch:x86
4a989a525310bb78feb373aefdfb311e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
GetVersionExA
EnumCalendarInfoA
_lopen
GetCommConfig
GetCommandLineA
ExitProcess
user32
GetPropW
DestroyIcon
DestroyCursor
SetTimer
LoadKeyboardLayoutW
wsprintfA
CharUpperA
SetMenuItemInfoA
ShowOwnedPopups
SetWindowRgn
GetWindowTextA
AppendMenuA
GetMenuItemID
SetFocus
GetKeyboardState
MapVirtualKeyExW
LockWindowUpdate
EnumThreadWindows
ChangeDisplaySettingsExA
CheckRadioButton
GetFocus
GetWindowRect
IsCharAlphaNumericA
OemKeyScan
OpenIcon
GetWindowDC
GetMenuItemInfoW
SendMessageCallbackW
ShowCursor
RegisterClassExA
WaitMessage
wsprintfW
AdjustWindowRectEx
LoadBitmapA
GetKeyNameTextA
LoadAcceleratorsA
ValidateRect
CascadeWindows
SendDlgItemMessageW
PtInRect
ChangeDisplaySettingsW
SetWindowWord
DefWindowProcA
EnableMenuItem
GetSubMenu
CreateWindowExA
LoadIconA
GetThreadDesktop
ToAscii
PostQuitMessage
CloseClipboard
SetParent
gdi32
GetOutlineTextMetricsA
GetSystemPaletteUse
Rectangle
Ellipse
EndPage
SetDIBitsToDevice
comdlg32
CommDlgExtendedError
FindTextW
GetFileTitleA
ReplaceTextW
advapi32
CryptHashData
FreeSid
RegGetKeySecurity
RegEnumKeyExA
DeleteService
StartServiceCtrlDispatcherA
RegSaveKeyW
AccessCheckAndAuditAlarmW
QueryServiceConfigA
QueryServiceLockStatusW
BuildSecurityDescriptorW
IsValidSecurityDescriptor
NotifyBootConfigStatus
CryptDecrypt
SetSecurityInfo
AccessCheck
RegCreateKeyA
GetSecurityDescriptorDacl
LookupPrivilegeValueW
AddAccessDeniedAce
RegUnLoadKeyA
EqualSid
CryptGenRandom
SetFileSecurityA
ImpersonateNamedPipeClient
StartServiceW
GetSecurityDescriptorSacl
EnumServicesStatusW
PrivilegeCheck
LookupPrivilegeDisplayNameA
GetServiceKeyNameW
GetUserNameW
CloseServiceHandle
SetPrivateObjectSecurity
GetExplicitEntriesFromAclW
RegDeleteKeyW
CryptEncrypt
CryptAcquireContextA
CryptSetHashParam
ole32
CoInitializeEx
CoMarshalInterface
CoFileTimeNow
OleSetContainedObject
StgOpenStorage
CoGetObject
oleaut32
SafeArrayRedim
SafeArrayPutElement
SetErrorInfo
SysFreeString
SysStringLen
SysAllocStringLen
SafeArrayCreate
comctl32
ImageList_DragShowNolock
ord17
ImageList_SetOverlayImage
shlwapi
SHDeleteValueW
StrCmpNIW
StrStrA
setupapi
SetupDiBuildDriverInfoList
SetupDiRemoveDevice
SetupDiGetDeviceInfoListDetailA
SetupDiEnumDriverInfoW
SetupGetLineCountW
Sections
.text Size: 332KB - Virtual size: 330KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE