Static task
static1
Behavioral task
behavioral1
Sample
2fe72387d31c65125b9c3a8840f4d879_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: 2fe72387d31c65125b9c3a8840f4d879_JaffaCakes118
Size: 330KB
MD5: 2fe72387d31c65125b9c3a8840f4d879
SHA1: edb5f0c9e151d5bd1a68a5c4381c2a2c85698531
SHA256: deb9190f4ed079f40880f6b77a21b9c12c8380165c7d1617851060772b700a56
SHA512: 065a20bbc6d08a49c2b5808adea76bc10d7712a5726b53fd5fe2564c9fac0f0a7d5ddbf2b17f58162f32a2b1d1bfb32bc549eb5d2013ee103eafffc5a766fc0a
SSDEEP: 6144:yZ4oyWXEJLHRg5cmSG9vvB5his8RYo0yxshDyvxXHot+jiWB1ddSH:y+oyM+LRgC3G61WyIt+8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2fe72387d31c65125b9c3a8840f4d879_JaffaCakes118
Files
2fe72387d31c65125b9c3a8840f4d879_JaffaCakes118.exe windows:4 windows x86 arch:x86
7b0e6fc5d948fe68a99e5beb8d65a3c7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
GetKeyboardType
advapi32
RegQueryValueExA
oleaut32
SysFreeString
gdi32
UnrealizeObject
shell32
ShellExecuteA
Sections
CODE Size: 323KB - Virtual size: 744KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE