Static task: static1
Behavioral task: behavioral1
  Sample: 26fe588fbac1a3196e885e51eee0983c_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 26fe588fbac1a3196e885e51eee0983c_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 26fe588fbac1a3196e885e51eee0983c_JaffaCakes118
Size: 168KB
MD5: 26fe588fbac1a3196e885e51eee0983c
SHA1: bdb915eeedab65974b3828d351bab4c0b7dd8714
SHA256: c1764c13170de0df0213c9f739981146eca3ab8b5711205cb539ef281cbca6e8
SHA512: b9649120cf2622acb663988bd7b18f4b8cf4904edb8ff822b3eeacb1a91943cd2e86c1e5a5d1d0c169d47033588468eb505953698fdeff591c9e8ce05bca9e16
SSDEEP: 3072:S+EG/3watF71Hsr5hdHas/W2JloA5Ef9bvu/r1AqRilp2iqI/lJ1Dgi:xEswatQr5htWEBS9ajiv2yNci
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 26fe588fbac1a3196e885e51eee0983c_JaffaCakes118
Files
26fe588fbac1a3196e885e51eee0983c_JaffaCakes118.exe windows:4 windows x86 arch:x86
88c87df674ce9571909d3112d70dd502
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LCMapStringA
ExitProcess
GetCurrentProcess
CreateFileA
LoadLibraryA
user32
CloseWindow
CharLowerBuffA
SetWindowLongA
wsprintfA
CreateWindowExA
advapi32
RegOpenKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegCreateKeyA
RegQueryValueA
RegSetValueA
RegCloseKey
RegDeleteKeyA
Sections
.text Size: 149KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ