Static task
static1
Behavioral task
behavioral1
Sample
f5a04203d240199fbed47a692e341931_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f5a04203d240199fbed47a692e341931_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: f5a04203d240199fbed47a692e341931_JaffaCakes118
Size: 139KB
MD5: f5a04203d240199fbed47a692e341931
SHA1: 6cd6a821672397ba07cf36cae19786c26ddda56a
SHA256: 336ec9f6d8f3df0f4570f83629a5704347b8c50c59e87764d801c4f0ec773673
SHA512: e146d70bd0f730cd3d0f75e43308886533eb8b3ca055bc552c8f7e9bfe6db33c15298f6c2d837ab96ebb1eb017ed12aae19feb336c0a640bf09db1d11c4fae15
SSDEEP: 3072:DUi0F9YpjfKe+GsV22OZDc7SaDCilC8qAGGbTF/PtP1Z3eyLZ:D2XuK/GsV3OZsSaDCilC8qAGGbTF/Pt5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f5a04203d240199fbed47a692e341931_JaffaCakes118
Files
f5a04203d240199fbed47a692e341931_JaffaCakes118.exe windows:4 windows x86 arch:x86
c1e3930ed31672579db863bace691ecd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
CreateFileMappingA
DeleteCriticalSection
GetFileSize
GetVersion
InitializeCriticalSection
InterlockedIncrement
LCMapStringA
LCMapStringW
ReleaseMutex
SetCurrentDirectoryA
WritePrivateProfileStringA
user32
GetDC
GetSubMenu
LoadStringA
wsprintfA
gdi32
DeleteDC
LineTo
SetROP2
shell32
DragQueryPoint
ExtractIconW
SHGetFileInfoA
SHGetFolderLocation
SHGetMalloc
ShellExecuteExA
comctl32
ImageList_ReplaceIcon
ImageList_SetOverlayImage
Sections
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ