d:\uedhtbeqe\tmoebeb\pcepp.pdb
Static task: static1
Behavioral task: behavioral1
Sample: f9a73f53a842c0e3c461f9f4aa0b83dd_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f9a73f53a842c0e3c461f9f4aa0b83dd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f9a73f53a842c0e3c461f9f4aa0b83dd_JaffaCakes118
Size: 492KB
MD5: f9a73f53a842c0e3c461f9f4aa0b83dd
SHA1: ec87eaf3d378e2efe4a7adfa4d3fc3f11eacd506
SHA256: 029cc0936730da11d8568af611a32125f4d289ad71ac9964a6cc9fc441291cfa
SHA512: 22f3636dddba9c7a3bed072b1c4a6c7eea0e6fa74cf476067bc22eabf6e6e7260b206a5ca73aa465bcc10eb477f2692e49ba2713fd20a90402753fdf7a4e6ed6
SSDEEP: 12288:4aCRcd4Ksb+vLcFYiZ5FTxgNtsmzcovDtafCvcy38QvcdjVR6c:x4KQW0ZToXzpDt59ijO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f9a73f53a842c0e3c461f9f4aa0b83dd_JaffaCakes118
Files
f9a73f53a842c0e3c461f9f4aa0b83dd_JaffaCakes118.exe windows:4 windows x86 arch:x86
a3c180cc192efa64cc47b2392a494d88
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comdlg32
GetFileTitleA
GetOpenFileNameW
comctl32
InitCommonControlsEx
advapi32
RegCreateKeyExA
CryptSignHashA
CryptGenKey
LookupSecurityDescriptorPartsW
CryptDuplicateKey
RegRestoreKeyA
CryptSetHashParam
RegConnectRegistryA
RegQueryMultipleValuesA
gdi32
GetTextCharset
TextOutA
CreateBitmapIndirect
CopyEnhMetaFileW
ScaleWindowExtEx
GetCharABCWidthsFloatA
OffsetClipRgn
EnableEUDC
UpdateICMRegKeyA
RestoreDC
SelectPalette
GetTextFaceA
GetCharacterPlacementA
SetICMProfileA
SetBrushOrgEx
GetGlyphOutline
CreateFontIndirectW
GetCharABCWidthsW
SetPixelV
GetEnhMetaFileHeader
CreateRectRgnIndirect
ExtFloodFill
SetICMMode
GetBitmapDimensionEx
user32
GetWindow
GetDC
InsertMenuItemW
ScrollDC
RegisterClassA
RegisterClassExA
wininet
InternetGetConnectedStateExW
InternetWriteFileExA
HttpQueryInfoA
kernel32
VirtualQuery
GetProcessHeaps
ReadFile
GetEnvironmentStringsW
VirtualFree
HeapAlloc
LCMapStringW
IsBadWritePtr
GetCPInfo
IsValidLocale
GetModuleFileNameW
GetSystemTimeAsFileTime
GetModuleFileNameA
GetOEMCP
GetVersionExA
GetStdHandle
FreeEnvironmentStringsA
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeW
DeleteCriticalSection
CompareStringA
HeapFree
TlsAlloc
HeapCreate
GetTickCount
MultiByteToWideChar
GetCurrentThreadId
GetUserDefaultLCID
SetStdHandle
LoadLibraryA
QueryPerformanceCounter
TlsFree
TlsGetValue
VirtualAlloc
GetCurrentProcess
SetLastError
HeapReAlloc
FreeEnvironmentStringsW
GetACP
GetLastError
FlushFileBuffers
GetProcAddress
TerminateProcess
GetDateFormatA
GetCurrentProcessId
CloseHandle
OpenMutexA
SetEnvironmentVariableA
GetConsoleScreenBufferInfo
HeapSize
InterlockedExchange
ExitProcess
IsValidCodePage
GetCurrentThread
CompareStringW
GetStringTypeA
VirtualProtect
GetStartupInfoA
GetCommandLineW
LCMapStringA
SetFilePointer
WriteFile
EnterCriticalSection
GetTimeZoneInformation
InitializeCriticalSection
EnumSystemLocalesA
SetHandleCount
LeaveCriticalSection
GetStartupInfoW
UnhandledExceptionFilter
GetCommandLineA
CreateMutexA
GetTimeFormatA
GetLocaleInfoW
GetFileType
GetModuleHandleA
TlsSetValue
GetSystemInfo
GetEnvironmentStrings
HeapDestroy
RtlUnwind
Sections
.text Size: 307KB - Virtual size: 306KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ