Static task
static1
Behavioral task
behavioral1
Sample
e9ac7e60956602e6ba0bfe74cd7fd640_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e9ac7e60956602e6ba0bfe74cd7fd640_JaffaCakes118.dll
Resource
win10v2004-20240226-en
General
-
Target
e9ac7e60956602e6ba0bfe74cd7fd640_JaffaCakes118
-
Size
18KB
-
MD5
e9ac7e60956602e6ba0bfe74cd7fd640
-
SHA1
1c19a4fd6931da6db58d6d84d65c6f714c09b802
-
SHA256
eaddef917e792be9bd2df0cd20e7b70aaa4ef0e2c8482aa5af760a5df126e8a2
-
SHA512
a34767ca7ff168b36fa031f9006c14ea47a5ce0da4c768da63d2266e7fac5b8310cb8fed9488455522b0cae93d597370028a5f7c2f1ecbe25349f0634211a644
-
SSDEEP
384:YRdCyiYMqlWjDmQq8uNOdA4JUw2pszAzdeTk:MCycqlUDmQYF4J+ps8d0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e9ac7e60956602e6ba0bfe74cd7fd640_JaffaCakes118
Files
-
e9ac7e60956602e6ba0bfe74cd7fd640_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 184B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 1KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ