Static task: static1
Behavioral task: behavioral1
Sample: 3cd1522f354a36125f0f1b994610f272_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 3cd1522f354a36125f0f1b994610f272_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 3cd1522f354a36125f0f1b994610f272_JaffaCakes118
Size: 157KB
MD5: 3cd1522f354a36125f0f1b994610f272
SHA1: 6eb1790d174e98071cc57e1f7022ecfe70443cc0
SHA256: 95731a189d309ea21d43237a3f3a69e8f861d4b13184a69fb28d5f6987892ea4
SHA512: cb7ccb30e9bc307d197731ae8ac95a2f95123e849e46a6c2bb0017b3eae042b1d9162ad0739ab2ffcfaeb7c167e5e581cc29cd905fb6428a0b3afc7db8b7f808
SSDEEP: 3072:3mhzNJcM1LwuhaPhah3tJm4wr8Yehm+kguF7SDADeak7dJHB/AKG6:3YVZMeJor8X2D1SsQLH5AKX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cd1522f354a36125f0f1b994610f272_JaffaCakes118
Files
3cd1522f354a36125f0f1b994610f272_JaffaCakes118.exe windows:4 windows x86 arch:x86
ebcdc17afe5e9abfb2ba677e6a749fa3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
CloseHandle
GetFileSize
CreateFileA
SetStdHandle
GetCurrentProcess
GetCPInfo
FlushFileBuffers
HeapReAlloc
VirtualAlloc
LoadLibraryA
GetOEMCP
GetACP
GetProcAddress
GetModuleHandleA
GetLastError
SetFilePointer
GetStdHandle
WriteFile
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
ExitProcess
VirtualFree
GetModuleFileNameA
LCMapStringW
HeapAlloc
HeapFree
RtlUnwind
LCMapStringA
user32
SetDlgItemTextA
DialogBoxParamA
GetDlgItem
SendMessageA
EndDialog
GetDlgItemTextA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
Sections
.text Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE