g:\Acro_root_apms\Main\build\win\results\Release\info\template.pdb
Static task: static1
Behavioral task: behavioral1
Sample: feb713410911221ed246f85f4444014a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: feb713410911221ed246f85f4444014a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: feb713410911221ed246f85f4444014a_JaffaCakes118
Size: 93KB
MD5: feb713410911221ed246f85f4444014a
SHA1: c94300ea0732b913b4e24f9b6c6b68183f7f81eb
SHA256: c8ff049a6eb0a847bac2072dd5727aac1ce2ac7d6cb41585cd9e5c28d5fa5bd0
SHA512: b236e3af0e397242176feb1bd5b353b003ed19a7f1ee9db484379770d1e28080ff6b0a811d6ed0eb85637e8c591c7a44bdd35147e1566eb81ef46b1b43478e28
SSDEEP: 768:7QDsTDriiiii5vWMoZ/56lVbYuGGaql3ti7sHMTtNIBQJbvRJcvnyNQC+NaH9K7P:7Q483pfYR/vv4Iin
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: feb713410911221ed246f85f4444014a_JaffaCakes118
Files
feb713410911221ed246f85f4444014a_JaffaCakes118.exe windows:4 windows x86 arch:x86
ad0660c296e8c25fbe0953316fbf7592
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ExitProcess
GetCommandLineW
HeapAlloc
HeapFree
GetModuleHandleW
GetProcessHeap
LoadLibraryW
GetProcAddress
GetUserDefaultUILanguage
shell32
CommandLineToArgvW
msi
ord205
ord173
user32
MessageBoxExW
shlwapi
StrCmpW
Sections
.text Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 280B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 82KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE