Static task: static1
Behavioral task: behavioral1
Sample: 1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118
Size: 318KB
MD5: 1a8ee5fcdef73c30d974e42b7701a1e8
SHA1: 2ea6a8ed34cdc2651df6f312b9068f3992179169
SHA256: e4c44b88384000e45b9a2c95a56c0e3c05e684388ea6962b0d069e4ef270d159
SHA512: d37ded3a4c7945076e423d802c1b7cbc77a1a9fed45a8ad963a4f82824c88f1ac598fee20d56882a2570ae198b90ca5263b358ffd47b128cf618ab3480f17f9a
SSDEEP: 6144:DAwcb7+OtSuCKXh/jnUvOhNdx+P/5S0+aUge:DAwTOwmjtqpsaxe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118
Files
1a8ee5fcdef73c30d974e42b7701a1e8_JaffaCakes118.exe windows:4 windows x86 arch:x86
70e245c1cb676b37d0215c0cf84274b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetTimer
SendMessageA
PostQuitMessage
MessageBoxA
KillTimer
GetKeyboardLayout
GetDoubleClickTime
GetDlgItem
EndDialog
DialogBoxIndirectParamA
kernel32
LockResource
LoadResource
MultiByteToWideChar
SizeofResource
GlobalAlloc
lstrlenA
lstrcpyA
lstrcatA
WriteFile
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetModuleHandleA
GlobalFree
Sleep
comctl32
InitCommonControls
shell32
ShellExecuteA
SHGetSpecialFolderPathA
shlwapi
StrStrA
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 962B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 299KB - Virtual size: 299KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE