Static task
static1
Behavioral task
behavioral1
Sample
42a30bf22f59038e8cc55e0ae3469fa6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
42a30bf22f59038e8cc55e0ae3469fa6_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
42a30bf22f59038e8cc55e0ae3469fa6_JaffaCakes118
-
Size
89KB
-
MD5
42a30bf22f59038e8cc55e0ae3469fa6
-
SHA1
5de8dc453728acef920363d335ce0cfb5fe8b18f
-
SHA256
df9263c0c8e79b49a5be38fee613b2fa1a137ae5d05d17f89976a5d43fca5073
-
SHA512
987f02188fc6770dfc650ca644d9dfd20ebfa443adb5967d2869c101c98b2b61f497fa8474f640e40e5d9dac40db9d9b41ac223e9830e02ab3fc895e52557da0
-
SSDEEP
1536:mJY/ogLaWDpLKa6p2GF+LK2TFTthf5CeJ88rVoIDvdrL2QCU4178I:mJY/ozQpLKaOuDNthx28ZbpOQCd73
Malware Config
Signatures
Files
-
42a30bf22f59038e8cc55e0ae3469fa6_JaffaCakes118.exe windows:4 windows x86 arch:x86
a906aec2ab84bb93fb3d24215a03e235
Code Sign
70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate
Issuer
OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before
29/01/1996, 00:00
Not After
01/08/2028, 23:59
Subject
OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
6d:a2:7a:e9:29:2e:b6:dd:c0:a8:00:1d:47:6e:3b:69
Certificate
Issuer
OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before
03/12/2001, 00:00
Not After
02/12/2011, 23:59
Subject
CN=VeriSign Class 3 Code Signing 2001 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer
CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before
04/12/2003, 00:00
Not After
03/12/2013, 23:59
Subject
CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate
Issuer
CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before
04/12/2003, 00:00
Not After
03/12/2008, 23:59
Subject
CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
19:d4:d7:6d:34:c4:b6:0d:e8:b9:d6:c6:b3:19:36:7f
Certificate
Issuer
CN=VeriSign Class 3 Code Signing 2001 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.
Not Before
27/02/2004, 00:00
Not After
26/02/2005, 23:59
Subject
CN=USA Revco,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Clear Search,O=USA Revco,L=Irvine,ST=California,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE Digest
Digest Algorithm
PE Digest Matches
false
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
lz32
LZCopy
LZOpenFileA
LZClose
wininet
InternetGetConnectedState
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
kernel32
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
IsBadCodePtr
FormatMessageA
FindClose
FindNextFileA
FindFirstFileA
CopyFileA
GetEnvironmentStrings
FreeEnvironmentStringsW
CompareStringA
GetCPInfo
CompareStringW
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetEndOfFile
Sleep
GetFullPathNameA
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
HeapFree
HeapAlloc
RtlUnwind
DeleteFileA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
RemoveDirectoryA
CreateDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
CloseHandle
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
user32
GetDC
gdi32
GetDeviceCaps
advapi32
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
ole32
CoCreateGuid
Sections
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 944B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ