Static task
static1
Behavioral task
behavioral1
Sample
1b9e194f57ee9093d09e7372451cfd5c_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target
1b9e194f57ee9093d09e7372451cfd5c_JaffaCakes118
Size
142KB
MD5
1b9e194f57ee9093d09e7372451cfd5c
SHA1
efe3d9a838eea969f088684f06dc46a7da47e8b3
SHA256
da7b8597e2712a7745e0df4862037de632b5568363f8adc2546b8eb6884df279
SHA512
c39b554795fb4689fdaa3d191366ac426f8950bcc0b6fcabdebf6758f65bc943f6bacbb1c68a35e99f986844d3e28e2a89876e0864558d7988daacd7b9f647a6
SSDEEP
1536:MygUmA0leANbNoAWanpuXjs2zcsHnYpw8PcidvinYGueln2Lq:MxUmdleANKAWapYzcmYlnvizuqnZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 1b9e194f57ee9093d09e7372451cfd5c_JaffaCakes118
Files
1b9e194f57ee9093d09e7372451cfd5c_JaffaCakes118.exe windows:4 windows x86 arch:x86
86f9dedc4246de1a9ec57fe8ba672a8f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
UnmapViewOfFile
WritePrivateProfileStringA
GetPrivateProfileStringA
Sleep
VirtualAlloc
GetModuleFileNameA
ExitThread
CreateThread
SetErrorMode
LoadLibraryA
GetProcAddress
lstrlenA
VirtualProtect
msvcrt
memcpy
user32
wsprintfA
MessageBoxA
wininet
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA
advapi32
RegSetValueExA
RegOpenKeyA
RegCloseKey
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE