Static task: static1
Behavioral task: behavioral1
Sample: 12763b1f021ab41e4668a4a6cec6143b_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 12763b1f021ab41e4668a4a6cec6143b_JaffaCakes118
Size: 816KB
MD5: 12763b1f021ab41e4668a4a6cec6143b
SHA1: 360df006a0d9f474f59e9b5aff4da6755e5ee246
SHA256: eba487cf25db041f83060ba3c9401f5170b301b3aec38ae847b80d5fd31ff59c
SHA512: fce22a984bf452bc0d202489a1189a90d917f806cfb52121a664bfd5aa9bf52dcbfb5de2fb34a88108377c1a900bd1385c9a51d097f72f084378d213ade93b0f
SSDEEP: 24576:tWnfSpo+bRDEN4J+Bcw+lg0RadW/EOLbqV:40XlaWsIs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12763b1f021ab41e4668a4a6cec6143b_JaffaCakes118
Files
12763b1f021ab41e4668a4a6cec6143b_JaffaCakes118.exe windows:4 windows x86 arch:x86
d204a7f239653789121440929c1073bc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Beep
lstrcmpA
Beep
Beep
SetCurrentDirectoryW
Beep
Beep
Beep
TlsSetValue
Beep
SetThreadPriority
Beep
Beep
GetCurrentThreadId
VirtualQuery
ReleaseMutex
OpenMutexA
lstrcatA
GetPrivateProfileIntA
DeleteFileW
WriteConsoleW
Beep
GetFullPathNameW
VirtualProtect
GetCommandLineA
FormatMessageA
GetModuleHandleA
TlsGetValue
SetLocaleInfoW
catsrvut
RegDBBackup
RegDBRestore
StartMTSTOCOM
CGMIsAdministrator
Sections
.TEXT Size: 15KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.ndata Size: 1024B - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE
.vdata Size: 797KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.jdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE