Static task: static1
Behavioral task: behavioral1
  Sample: fd9fe37499d55ca4df43c07d8d2c9a39_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: fd9fe37499d55ca4df43c07d8d2c9a39_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: fd9fe37499d55ca4df43c07d8d2c9a39_JaffaCakes118
Size: 244KB
MD5: fd9fe37499d55ca4df43c07d8d2c9a39
SHA1: 8770a1721fb9be732723cb7c497e61775680ef8d
SHA256: 823da976d2495e1e76a6dc543717f16b9c730ea28ebacd8f7f6357b650fed699
SHA512: c6c1d851a9f3f9f56baa9f4a5938894be8faccf6ad7e63c02d4afe181133191e9a9a89024bc4c0750a8a7d411e0bc20f05ff7d283ba15b1eab0d266fc2254ea6
SSDEEP: 6144:mUpwSHLOv8xhC8LU6mCOQHrIXiuHztfPk4xiEvYUx:mQwUOmHgzQHrIbfPkCiEv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd9fe37499d55ca4df43c07d8d2c9a39_JaffaCakes118
Files
fd9fe37499d55ca4df43c07d8d2c9a39_JaffaCakes118.exe windows:4 windows x86 arch:x86
c0742f427e71aa88f75cc1e1df78b20d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
advapi32: RegCloseKey
comctl32: ImageList_Add
gdi32: BitBlt
shell32: SHFileOperationA
user32: ActivateKeyboardLayout
oleaut32: SafeArrayCreate
Sections
.text (Size: 232KB, Virtual size: 716KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 11KB, Virtual size: 12KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE