Static task: static1
Behavioral task: behavioral1
Sample: fa1a19977598c3f020882a4fa32e04b7_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fa1a19977598c3f020882a4fa32e04b7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fa1a19977598c3f020882a4fa32e04b7_JaffaCakes118
Size: 165KB
MD5: fa1a19977598c3f020882a4fa32e04b7
SHA1: c902504f5377c31324e28801a67be6957e41271a
SHA256: 97139bbaf34d92df333d9f791d12b11a8a273151edcaecb9ab7ec75bb034552f
SHA512: e8601a99fd078ce1084384205ea301806bafe000196fbef9bb39dbf6bc7c64e7d18bb630c11f101ae6a9776bf59ba5c9c20b1db46627d78db6a2f01912e6b06a
SSDEEP: 3072:S5wCoIilDFGqO9dRbhdM07CU2PpfFnjRsRfYriwa9lV7+Xeb:S2lVlEqsdPy07CU2hBORf2Za9lViXk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa1a19977598c3f020882a4fa32e04b7_JaffaCakes118
Files
fa1a19977598c3f020882a4fa32e04b7_JaffaCakes118.exe windows:5 windows x86 arch:x86
e2050a2d50960dfe6a9c0dccd004dab8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentDirectoryA
WaitForMultipleObjects
GetCommandLineA
TlsGetValue
SearchPathA
SleepEx
SleepEx
FindFirstFileW
CloseHandle
SleepEx
GetLongPathNameA
VirtualAllocEx
CreateMailslotA
MoveFileA
GetModuleHandleA
GetACP
SleepEx
SetEvent
SleepEx
SearchPathA
SearchPathA
CreateJobObjectW
SleepEx
GetCurrentProcess
SleepEx
RemoveDirectoryW
LoadLibraryExW
SetLocalTime
certcli
CACloseCertType
CADeleteCA
CAEnumFirstCA
Sections
.text Size: 157KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 696B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.hdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ