Static task: static1
Behavioral task: behavioral1 - Sample: lb777.exe - Resource: win7-20240903-en
Behavioral task: behavioral2 - Sample: lb777.exe - Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_dd5b34f0f51f166d7c92f7c46f8a23cd5fee993776b40e1f588cc463753d7a3b
Size: 187KB
MD5: 753782e044228489544d63e1f4e185f7
SHA1: a591a3c2e8f93df687e3e3d5e243d118e039bf0f
SHA256: dd5b34f0f51f166d7c92f7c46f8a23cd5fee993776b40e1f588cc463753d7a3b
SHA512: 4e6321fb3c542d1d183460cc25fd41de156939dd4ed148682017031acab3edea2536f5ce4af443e478495f66aa2504b97d5269c42d8fb22b0b8e0b44fdad660a
SSDEEP: 3072:DbPZIl5WTlQvFowaaE9WfOgJuLG34+Qf60AOFogMcfHb7YN6T0CGIFSRGLBRIX32:525WTbM/QfNAsoRcfy9IFS0b
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/lb777.exe
Files
JaffaCakes118_dd5b34f0f51f166d7c92f7c46f8a23cd5fee993776b40e1f588cc463753d7a3b.zip
Password: infected
lb777.exe.exe windows:5 windows x86 arch:x86
bf2d799cb59ce43b83a63fa8fe6d611f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameW
CreateActCtxA
HeapUnlock
GetModuleHandleA
InterlockedExchangeAdd
WaitNamedPipeW
GetLastError
GetPrivateProfileSectionW
CancelDeviceWakeupRequest
EnterCriticalSection
LocalHandle
WriteFile
SetFileShortNameW
ReadProcessMemory
OpenEventW
SetEvent
SetConsoleTextAttribute
SetConsoleTitleW
AllocConsole
LoadLibraryA
LocalAlloc
VirtualAlloc
GetFileAttributesW
GetAtomNameW
HeapAlloc
lstrcpyW
GetSystemDefaultLCID
GetConsoleAliasW
GetModuleHandleW
CreateMailslotW
GetCPInfoExA
SetEnvironmentVariableA
CommConfigDialogW
GetConsoleAliasesLengthW
DeleteTimerQueue
GetFileAttributesExW
SetCalendarInfoW
HeapLock
ReleaseMutex
WaitForSingleObject
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
HeapReAlloc
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CloseHandle
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
Sections
.text Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 193KB - Virtual size: 758KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mud Size: 512B - Virtual size: 23B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.yewiva Size: 512B - Virtual size: 6B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.leyil Size: 1024B - Virtual size: 963B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rewi Size: 512B - Virtual size: 346B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ