DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
f53122a0048c0a979336fdb10d501c52_JaffaCakes118.dll
Resource
win7-20240221-en
General
-
Target
f53122a0048c0a979336fdb10d501c52_JaffaCakes118
-
Size
462KB
-
MD5
f53122a0048c0a979336fdb10d501c52
-
SHA1
e02b875ae32eca4739178c3c518b299b507a0343
-
SHA256
179ca839bc1d53a1796d10882b861b7274c080f6f13d6ac1cbf6ce0b93d95e16
-
SHA512
c5c37ebf9f21ba6a6a3d270fa7d98979f8c6cacf32ec3e2820fd524bbf954f4ed6d9424643e974fea528a79b6394bcd52e67e7b4efcbcbb577dee08d3dbb8a7a
-
SSDEEP
6144:7bVPXLakbTqht5o+nKivd8Z4sPYwp4KltOzlZRMCKy6fcWWHDecHAI3C+8hkBL:db4DmavdW4svpLtmRlKMHDuIycL
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f53122a0048c0a979336fdb10d501c52_JaffaCakes118
Files
-
f53122a0048c0a979336fdb10d501c52_JaffaCakes118.dll regsvr32 windows:6 windows x86 arch:x86
87bed5a7cba00c7e1f4015f1bdae2183
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
LoadLibraryA
GetProcAddress
Exports
Exports
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 520B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 417KB - Virtual size: 417KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 468B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ