?GetMsgProc@@YGJHIJ@Z
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_40db96226414213b680f026d0025e3aa.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_40db96226414213b680f026d0025e3aa.exe
Resource
win10v2004-20241007-en
General
Target: JaffaCakes118_40db96226414213b680f026d0025e3aa
Size: 323KB
MD5: 40db96226414213b680f026d0025e3aa
SHA1: ade156e1d0f53e2ab9f71c1ed44f921962dc999e
SHA256: f65815d6aa63a7b094b3c432a121eb1bf5dceff446050ab2a44d4724ea5745fd
SHA512: a16760433b25fa4f94b646ad0009cdbb2307c78496091c95671a98ffcbaeaadb368b4d8847b18a27177d67e1f09aaca8bdf5bea3147a91ce7d5b2d93a2bcb423
SSDEEP: 6144:G2cHOj13qad4u5mNubNqT3p9fqAmTYlyLHAmT8yAErgOHTIaNVc9u0ptFIoqk:G9K3qvuPgDSAJl8A5uNHTIaNVcA0pbEk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_40db96226414213b680f026d0025e3aa
Files
JaffaCakes118_40db96226414213b680f026d0025e3aa.exe windows:4 windows x86 arch:x86
1440d969642f3ccd94cc80db9a33de0a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
SizeofResource
lstrcatA
MultiByteToWideChar
GetLastError
GetLongPathNameA
LoadResource
GetModuleHandleA
CreateMutexA
CloseHandle
GetTempPathA
DeleteFileA
FindResourceA
CreateFileA
LockResource
ExitProcess
user32
LoadCursorA
UnregisterHotKey
GetSystemMetrics
UnhookWindowsHookEx
DispatchMessageA
SetWindowsHookExA
DefWindowProcA
CreateWindowExA
TranslateMessage
SetFocus
PostQuitMessage
GetMessageA
DestroyWindow
RegisterClassA
GetWindowThreadProcessId
RegisterHotKey
FindWindowA
ole32
CoUninitialize
CoInitialize
atl
ord47
ord42
ord39
Exports
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 319KB - Virtual size: 319KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ