OqwncdRfdeawcce
Static task
static1
Behavioral task
behavioral1
Sample
38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118.dll
Resource
win7-20240221-en
General
Target: 38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118
Size: 180KB
MD5: 38b2c14f20f89f5b007a660bda519fc6
SHA1: a38c9f4fdfa7a2eedc29cf533947a0ed113726fd
SHA256: 4ad7b0ee8a2133fb01c221fc1ee6ba225fde0d36ea4ed3d05de14ee1a42fcae6
SHA512: 3e151dd03fb77cb7735f02c7e46c12159c06c48c2d21b57ff2303637049a530fb23ca10a9fd0ada21fb7132b913459dd368e79d0059a65fd73862b126f117a12
SSDEEP: 3072:oD23JeSjU91NwhzvGQ5Fv6GKWiEAZxRzvUAtfRZF5EKWiQqmyF4uA:oDwJeSjoCB5xhCFzsAtZj5NBQoF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118
Files
38b2c14f20f89f5b007a660bda519fc6_JaffaCakes118.dll windows:5 windows x86 arch:x86
2ca6ab0f08afe2d9f24be78633a20c21
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msvcrt
memset
user32
ShowOwnedPopups
winspool.drv
WritePrinter
kernel32
CreateFileA
GetModuleFileNameW
advapi32
RegLoadAppKeyA
oleaut32
VarI2FromI4
Exports
Sections
.text Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ