Static task
static1
Behavioral task
behavioral1
Sample
30c380426505d0cc6741782bb917671b_JaffaCakes118.dll
Resource
win7-20240221-en
General
-
Target
30c380426505d0cc6741782bb917671b_JaffaCakes118
-
Size
1.4MB
-
MD5
30c380426505d0cc6741782bb917671b
-
SHA1
e3584ded8526f2d2559e3bb5bbc6cb1e307c5f3c
-
SHA256
97b3e4014ca0d298804be4f599b0601b934f88940137f74c91828c984de30969
-
SHA512
80b75e3fcb55a5d6f0437a80214107c3e40e5aaeba60a194acd836143ae726b396ce3cec0b787cb43a63861aa2dd91e006a43ee86628808ae43d3ad40c5d434f
-
SSDEEP
24576:VehqOUx1kdlsk5OPOND4mXHD4tTrSbg86YXFsfS4XVMKG:VQYIEUDVpqYXz4qT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 30c380426505d0cc6741782bb917671b_JaffaCakes118
Files
-
30c380426505d0cc6741782bb917671b_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 979KB - Virtual size: 979KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 3KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 345KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ