Static task
static1
Behavioral task
behavioral1
Sample
52907d6185e1886d422bd1d8b47cfa47_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
52907d6185e1886d422bd1d8b47cfa47_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
52907d6185e1886d422bd1d8b47cfa47_JaffaCakes118
Size
176KB
MD5
52907d6185e1886d422bd1d8b47cfa47
SHA1
a692bc6da1e52e5272f6b352652a7fe936cc9ba6
SHA256
fcea9ef0397b1e4419d4f38d6897662a44a8b547fb1bf0f2c9443218ce49ee7c
SHA512
fad02ee32f92c04bdcd9ca58539dd448ae6d427aa439ddc4323c3e8d373bfbd4e1f6f99dd7c8110a301a6c010d614d1056c279c2828a42e03924e82ebe15e3b1
SSDEEP
3072:yrHnYBbK/6t8wUOQyiGbLSZ3oFECib8gdD1Z+sfMzSqrEls2FywLv6:yr4BbKCewRQy/bLSmqz8MR4s0z0s2Fyh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 52907d6185e1886d422bd1d8b47cfa47_JaffaCakes118
Files
52907d6185e1886d422bd1d8b47cfa47_JaffaCakes118.exe windows:4 windows x86 arch:x86
139bf82c1d95439f11e3abf6d97b00a0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
CloseHandle
CreateFileA
ExitProcess
LCMapStringA
LoadLibraryA
user32
wsprintfA
CreateWindowExA
CharLowerBuffA
CloseWindow
SetWindowLongA
advapi32
RegQueryValueA
RegOpenKeyA
RegSetValueA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyA
RegCloseKey
RegDeleteValueA
RegCreateKeyA
Sections
.text Size: 157KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ