Static task
static1
Behavioral task
behavioral1
Sample
06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118
-
Size
288KB
-
MD5
06fa16033c4baf1f36c4e9e914366a93
-
SHA1
167c6838589646683100ac6c295764da35f714d6
-
SHA256
1ef4b7fad8ef0166ae0b1052f01063978e06eb36fae5900fff7791f7d3110bc2
-
SHA512
ba9921ff8fcb8638981fe51271c85630feea6992c7ac1606e7beeeab4f1ee232a0dac2047d5faa6fba5acf0c38e791f692e9d8d42d4062926a9a63c4d53d3b0b
-
SSDEEP
3072:jgs6j2IaW1qtd5Tli3MqbdJ2ZOr0T9DiM8tsAZ2R:csE25WYiBBJa9ktFc
Malware Config
Signatures
-
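Unsigned PE 1 IoCs
Checks for missing Authenticode signature. The sample carries no Authenticode signature; much legitimate software is also unsigned, so treat this as a low-confidence indicator on its own.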
resource 06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118
Files
-
06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118.exe windows:4 windows x86 arch:x86
cde63cd1acd793e0f63595a1f35296bb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
BitBlt
comctl32
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Remove
ImageList_GetBkColor
ole32
CoCreateGuid
advapi32
RegDeleteValueA
msvcrt
memcpy
tan
comdlg32
GetFileTitleA
FindTextA
kernel32
GetCurrentThreadId
lstrlenA
VirtualAllocEx
VirtualAlloc
GetModuleHandleA
LoadLibraryA
shell32
SHFileOperationA
DragQueryFileA
user32
IsWindowVisible
IsChild
GetActiveWindow
shlwapi
SHSetValueA
PathIsContentTypeA
PathIsDirectoryA
version
GetFileVersionInfoSizeA
Sections
CODE Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
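.edata Size: 236KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .edata conventionally holds the export directory, which is normally small and read-only. Here it is writable and accounts for most of the 288KB file, far more than the 39KB CODE section. Together with the short import list that includes VirtualAlloc and LoadLibraryA, this is consistent with packed or embedded data, but nothing in this report confirms it.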
INIT Size: 613B - Virtual size: 613B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ