Static task
static1
Behavioral task
behavioral1
Sample
0464c35a88a7aaab154f6413e1475228_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0464c35a88a7aaab154f6413e1475228_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 0464c35a88a7aaab154f6413e1475228_JaffaCakes118
Size: 23KB
MD5: 0464c35a88a7aaab154f6413e1475228
SHA1: 2d90750bde1257df3103499a836f1230714e5f23
SHA256: 8a83778412c73afb36ecc21d5851b529de40371b8303185ab66ac499c49b323c
SHA512: 28bd9c83cc60ed1e3bae7c0261dde876aea9787688dc6b3bca69b48d6d05ec370a0e5987adf6590ac18e54dc7a045288951bac30c879c9a12eac92b7a2c625b4
SSDEEP: 384:fO9iUzhWcHkG0W/8AoWheLXVBYkkjuv1hkNLdbaLa4CwUJuUCSFCJWe8EDEWW:7OhWcqAXEVBxkjuv7wbaLa4PU48IM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0464c35a88a7aaab154f6413e1475228_JaffaCakes118
Files
0464c35a88a7aaab154f6413e1475228_JaffaCakes118.exe windows:4 windows x86 arch:x86
1e0cd9bb60c14129fcfcc10e2949423c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Process32Next
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
WinExec
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
GetProcAddress
LoadLibraryA
FreeLibrary
GetTickCount
GetTempPathA
GetSystemDirectoryA
Sleep
GetPrivateProfileStringA
lstrcatA
user32
MessageBeep
GetMessageA
wsprintfA
MessageBoxA
TranslateMessage
DispatchMessageA
msvcrt
_except_handler3
_stricmp
atoi
strrchr
_itoa
netapi32
Netbios
Sections
.data Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ