LAPc.#ffEQJ#6N+sV.pdb
Static task
static1
Behavioral task
behavioral1
Sample
ef109e318eac0febf15b25f850c79d4f_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: ef109e318eac0febf15b25f850c79d4f_JaffaCakes118
Size: 132KB
MD5: ef109e318eac0febf15b25f850c79d4f
SHA1: 4a41a4e6029f9ee640922cf13c48311a7c7bc9ed
SHA256: 5a276f6be10c865870b8530bfe23d89d7d8849bccbe07a6552b95f3b888291b9
SHA512: 668b63525b813b25de0df9174e5ca1f52088136d3fdda4f107022f21b0d2b0eaf60f6f209daca41d5813ec0373da70ed5ed3f52304d42386b1b6a325f1fc2f0f
SSDEEP: 3072:ZVpq/s1jBK3dVMyppP21kJHGrLd7wDTHgWL3hPhSwhv:ZVpqkZGdaU2GG7WHgWLxpB
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource ef109e318eac0febf15b25f850c79d4f_JaffaCakes118
Files
ef109e318eac0febf15b25f850c79d4f_JaffaCakes118.exe windows:6 windows x86 arch:x86
075847f0fded8432a69e7fe19247d1c4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
msvcrt
memset
user32
GetWindowInfo
GetClientRect
WindowFromPhysicalPoint
CopyIcon
HideCaret
CopyImage
shlwapi
ord29
kernel32
ReleaseActCtx
ContinueDebugEvent
TlsFree
CloseHandle
GetVersion
IsValidLocaleName
GetCommandLineW
GetLargePageMinimum
Heap32First
GetThreadIOPendingFlag
LocalAlloc
GetLargestConsoleWindowSize
GetSystemDefaultLocaleName
HeapDestroy
oleaut32
VarCyCmpR8
VarCyFromR4
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 100KB
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 556B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ