Static task: static1
Behavioral task: behavioral1
Sample: 37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118
Size: 60KB
MD5: 37a9760aaa2ecd7a0c2099d43c6ef7d0
SHA1: e36daa49e1e9183d7cdb4c7d9c48f080aceb35bd
SHA256: f6fb4ec4e063e68110669a958ef709aa1f28567a8163b3f0105e31892b983081
SHA512: 56603b8b4457f7ad135e616d926541e5aed4ec6bab2cfac21883b74c6e80f962186cd504aa57166b727110eb6249f167939b74057484e1a7ff7877811b9b9e84
SSDEEP: 1536:M1WfWnSpSOEcvcBB18IKQ5pOsRyKFD1MFH:8WfyYSOhESbQisQKFD10
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118
Files
37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118.exe windows:5 windows x86 arch:x86
8735d32cb361971bdf93bfb4e7c4841b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
lstrlenA
GetTempPathA
lstrcpyA
GetTickCount
GetVersion
GetLocalTime
CloseHandle
WriteFile
GetLastError
CreateFileA
FindAtomA
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
wsprintfA
GetWindowRect
EqualRect
IsWindowVisible
GetCaretPos
ClientToScreen
GetFocus
InflateRect
GetCursorPos
shlwapi
SHGetValueA
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE