Static task: static1

Behavioral task: behavioral1
Sample: 12d2137a2bf5a55e29b45032db1a1465_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 12d2137a2bf5a55e29b45032db1a1465_JaffaCakes118.exe
Resource: win10v2004-20240802-en

General
Target: 12d2137a2bf5a55e29b45032db1a1465_JaffaCakes118
Size: 136KB
MD5: 12d2137a2bf5a55e29b45032db1a1465
SHA1: 365737444537e82cebc1675bd8169847b4915291
SHA256: fa3a2b3dc8201d09d5de5bee8292ecc2719649597f5e1f2be0736e35f7220c37
SHA512: 92849ace9041ee4278d9870586cfb390c9113e281ce1b36f43061febae456a0e5905a05a055e33e364fbd75796c15d612cc244e2a2b15b7b6ef5033f0cd992de
SSDEEP: 3072:doKtvytMFN+ldkaH9KRtctxZkxNGcqdUozOM0:i+WwqK0txZkxhoz6
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 12d2137a2bf5a55e29b45032db1a1465_JaffaCakes118
Files
12d2137a2bf5a55e29b45032db1a1465_JaffaCakes118.exe windows:4 windows x86 arch:x86
1af4ac6c716fdc8f37a797bd0185c097
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_BYTES_REVERSED_LO
  IMAGE_FILE_32BIT_MACHINE
  IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
  LoadLibraryA
  GetProcAddress
  VirtualAlloc
  VirtualFree
user32
  GetKeyboardType
advapi32
  RegQueryValueExA
oleaut32
  SysFreeString
gdi32
  UnrealizeObject
wsock32
  WSACleanup
winmm
  waveInUnprepareHeader
msacm32
  acmStreamUnprepareHeader
shfolder
  SHGetFolderPathA
wininet
  InternetReadFile
shell32
  ShellExecuteA
Sections
CODE (Size: 130KB, Virtual size: 384KB)
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc (Size: 5KB, Virtual size: 8KB)
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE