Static task: static1
Behavioral task: behavioral1
Sample: 56625f05432ddf19ef394b3a3db77da3_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 56625f05432ddf19ef394b3a3db77da3_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 56625f05432ddf19ef394b3a3db77da3_JaffaCakes118
Size: 166KB
MD5: 56625f05432ddf19ef394b3a3db77da3
SHA1: d0f3cfb545991014a9b70caf6177b29c7cf2910a
SHA256: 77f6b805e6c20341b3c05de6b1fcb74ba8cb2ce4ca30735182f8a5be2d22f9d4
SHA512: c54eb8622f388c0be3d7254d0f8ee73b342b9cf04daf8aca962ca1acb6c6057701257d86b7e8de0500d7189fcd6e517bd303076b43450bf564e1c77254fc4960
SSDEEP: 3072:1QDIjX89aNEt6dM/iQ/0FKmtZ0BbP66XrNwA6egprUaxnfqE:qDIjM9aNza/n/eVtZ0BnXr+7egprb
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 56625f05432ddf19ef394b3a3db77da3_JaffaCakes118
Files
56625f05432ddf19ef394b3a3db77da3_JaffaCakes118.exe windows:4 windows x86 arch:x86
6093d4c345ddcd4f4f8f86ddca06161a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetAncestor
CharUpperW
GetMessageW
CharNextW
TranslateMessage
SetTimer
GetDC
KillTimer
PostThreadMessageW
DispatchMessageW
wsprintfW
UnregisterClassA
kernel32
MultiByteToWideChar
lstrcpynW
FindClose
DeleteCriticalSection
CheckRemoteDebuggerPresent
GetLastError
GetTickCount
GlobalFree
lstrlenW
OutputDebugStringW
EnumResourceTypesW
GetCPInfo
lstrcpyA
lstrcpyW
WideCharToMultiByte
InitializeCriticalSection
GlobalAlloc
lstrcmpiW
GetACP
LockResource
GetModuleHandleW
winspool.drv
DocumentPropertiesW
Sections
.text Size: 110KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.isete Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ