Static task
static1
Behavioral task
behavioral1
Sample
469154998ff93081b65e281f3f1dbe1d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
469154998ff93081b65e281f3f1dbe1d_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
469154998ff93081b65e281f3f1dbe1d_JaffaCakes118
Size
431KB
MD5
469154998ff93081b65e281f3f1dbe1d
SHA1
0023ceeecf33d95560a45a20489295639df6d567
SHA256
e41a225328f8a0b75610633c23544f46f7d5f3cc009dfe2cd0f76f3426908e1d
SHA512
d911c274d50787cfda23313bcdbe5fefa12afdc3c1276cde2149d8b29201f4b9c2fc640be0a3eba7ca0d95f7077d5382c3305fba0d605900b1f0577f8f7fea3c
SSDEEP
6144:ut22yf6gEhy608iLS9wXnncnW+esq9yU5Ox8v9fhnYgMPuwF8aj1YIOSL7VL:AfgEV08s3z9y+OyvnX8nj1YOL5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 469154998ff93081b65e281f3f1dbe1d_JaffaCakes118
Files
469154998ff93081b65e281f3f1dbe1d_JaffaCakes118.exe windows:4 windows x86 arch:x86
e0aea8fa58c3f45ed157fce2f563f71c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__iscsymf
_read
exit
localtime
_mbsnbcnt
iswdigit
_local_unwind2
_wctime
_wspawnle
_CIcosh
_control87
_cwait
_wsopen
_getdcwd
_pwctype
fputc
_mbschr
_rotr
shell32
CheckEscapesW
advapi32
RegOpenKeyW
ObjectCloseAuditAlarmW
GetUserNameA
DuplicateToken
RegOpenKeyA
GetServiceKeyNameA
CryptGetDefaultProviderW
ObjectDeleteAuditAlarmA
GetUserNameW
GetTokenInformation
gdi32
GetTextExtentPoint32A
GetObjectType
GetClipRgn
GetCurrentPositionEx
GetBoundsRect
SetPixelFormat
SetBkMode
AnimatePalette
GetDeviceCaps
kernel32
Sleep
GetSystemTime
GetModuleHandleA
CompareStringA
FreeLibraryAndExitThread
GetComputerNameW
CallNamedPipeA
lstrlenW
InitializeCriticalSection
ExitProcess
GetLocalTime
PrepareTape
GetModuleHandleW
BackupRead
GetDiskFreeSpaceW
SetErrorMode
lstrcmpiW
VirtualAlloc
VirtualFree
lstrcmpiA
GetStartupInfoW
lstrcmpA
lstrlenA
lstrcmpW
SignalObjectAndWait
user32
ValidateRgn
GetWindowLongW
AnimateWindow
UnloadKeyboardLayout
RegisterClassExA
DestroyMenu
InvalidateRgn
DdeQueryNextServer
TranslateAcceleratorA
GetLastActivePopup
GetForegroundWindow
IsWindowEnabled
CreateIcon
SetCaretBlinkTime
CreateAcceleratorTableA
InvertRect
HideCaret
GetShellWindow
DdeDisconnect
IsDialogMessageA
MapVirtualKeyExA
ShowScrollBar
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.nxpqj Size: 30KB - Virtual size: 242KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gzt Size: 197KB - Virtual size: 406KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lzwgp Size: 197KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ