Static task: static1
Behavioral task: behavioral1
Sample: f691b283f346809da8a2cfce784f2c90_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f691b283f346809da8a2cfce784f2c90_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f691b283f346809da8a2cfce784f2c90_JaffaCakes118
Size: 1.5MB
MD5: f691b283f346809da8a2cfce784f2c90
SHA1: 7900fcd801d1bc88dde58885b022a8c88e76bc8b
SHA256: 6acd8886bd37b9c334b51915c34d08e101c3e0767fef54c1c4924e7102489069
SHA512: d7d7247fffcd94bfc9d946c6dcd1b9df6a6d318e6817e54fba99cd0574b442784d997be958b776b85005aad33721048df7d00b1a5389481223ba721e7a56ec3c
SSDEEP: 24576:+DOCQmGOz3Ag9RRyh4ST+o6cRAy5ZgV/TUtd8CDBN9JMtiTzEGAzIVNddHTo:WOC423vAoc6xC9AzIHddHc
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: f691b283f346809da8a2cfce784f2c90_JaffaCakes118
Files
f691b283f346809da8a2cfce784f2c90_JaffaCakes118.exe windows:4 windows x86 arch:x86
303e0439bee5393a10750109ae84c4ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
CreateWaitableTimerA
BackupWrite
SetSystemTime
GlobalFindAtomA
_lopen
GlobalLock
user32
UnregisterClassA
GetMenuItemInfoA
UpdateLayeredWindow
IsZoomed
ChildWindowFromPointEx
MapVirtualKeyW
GetClipCursor
SetDebugErrorLevel
CreateWindowExW
EnumWindows
MenuWindowProcA
MessageBoxW
EmptyClipboard
DdeCreateStringHandleA
GetScrollRange
SetMessageExtraInfo
CreateWindowExA
shell32
SHGetFileInfoA
OpenAs_RunDLLW
Sections
.code Size: 9KB - Virtual size: 191KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 36KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE