Static task
static1
Behavioral task
behavioral1
Sample
ae324835145817304a9ad49218eb6fb6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ae324835145817304a9ad49218eb6fb6_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: ae324835145817304a9ad49218eb6fb6_JaffaCakes118
Size: 103KB
MD5: ae324835145817304a9ad49218eb6fb6
SHA1: 839de8014635f104325eacf2f0850ad0dab0c153
SHA256: 7fc4df0333c42396f0c05b08bb631201c4eebab6471571a4e45e1d24e1dfc23f
SHA512: 9723e3a5ee9bc08811604e2f0372677d9ede3cbd6f68ea326e78ac66ed24e516a50556cd0d1f84bedecd92c8e1683c6dea45ec53631f94f8472e782b0526ab14
SSDEEP: 1536:GAGjLP+bGh6cOM1mFd3K3NXM8ODDrofmdkPf+8OvwZtDC6UBQic3OtuHRC:GAMt4r6jOv7GVOvCxC6UBG3s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ae324835145817304a9ad49218eb6fb6_JaffaCakes118
Files
ae324835145817304a9ad49218eb6fb6_JaffaCakes118.exe windows:5 windows x86 arch:x86
44e3dba0f45f727869f187b033c27966
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
certcli
CASetCertTypeFlags
CAFindByName
CASetCertTypeProperty
CASetCertTypeExtension
CASetCertTypeKeySpec
CARemoveCACertificateType
CACreateCertType
CAGetCAProperty
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CACertTypeGetSecurity
CACertTypeSetSecurity
CAEnumCertTypes
CAUpdateCertType
CAFindCertTypeByName
CAGetCertTypeFlags
CAUpdateCA
CACloseCertType
CAEnumNextCertType
CAGetCertTypeExtensions
CAAddCACertificateType
CAFreeCertTypeExtensions
CACloseCA
CAGetCertTypeKeySpec
CAFreeCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeProperty
msvcrt
?terminate@@YAXXZ
wcsstr
??3@YAXPAX@Z
memmove
malloc
_onexit
mbstowcs
free
_wcsupr
vswprintf
_adjust_fdiv
wcstoul
_wcsicmp
wcsrchr
__RTDynamicCast
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_initterm
wcscmp
_except_handler3
wcslen
wcscat
wcschr
wcscpy
__dllonexit
kernel32
GlobalAlloc
GlobalUnlock
FormatMessageW
FileTimeToSystemTime
CloseHandle
SetUnhandledExceptionFilter
GetComputerNameW
lstrcmpiW
WideCharToMultiByte
GetLastError
GetSystemDefaultLangID
LocalReAlloc
OutputDebugStringW
CreateFileW
lstrcpyW
InterlockedIncrement
InterlockedDecrement
GetEnvironmentStringsW
GetModuleHandleA
lstrlenW
GetSystemTimeAsFileTime
GlobalLock
GetDateFormatW
GetProcAddress
IsBadReadPtr
GetCurrentProcess
OutputDebugStringA
InitializeCriticalSection
LocalFree
GetModuleFileNameW
GetTickCount
QueryPerformanceCounter
GlobalFree
DeleteCriticalSection
RemoveDirectoryA
GetCPInfo
LoadLibraryW
GetStartupInfoA
FileTimeToLocalFileTime
SetLastError
GetSystemWindowsDirectoryW
user32
GetDC
SystemParametersInfoW
SendMessageW
SetWindowTextW
GetDlgItem
MessageBoxW
EndDialog
SetWindowLongW
SendDlgItemMessageW
wsprintfW
LoadBitmapW
DialogBoxParamW
InsertMenuItemW
SetDlgItemTextW
GetWindowLongW
RegisterClipboardFormatW
PostMessageW
GetDlgItemTextA
WinHelpW
GetParent
LoadCursorW
ReleaseDC
LoadStringW
EnableWindow
LoadImageW
SetCursor
SetFocus
LoadIconW
comctl32
PropertySheetW
CreatePropertySheetPageW
advapi32
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
Sections
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ