DisplayAbout
Static task
static1
Behavioral task
behavioral1
Sample
2940d628e374bac411cd3494872ecc89_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2940d628e374bac411cd3494872ecc89_JaffaCakes118.dll
Resource
win10v2004-20240508-en
General
Target: 2940d628e374bac411cd3494872ecc89_JaffaCakes118
Size: 60KB
MD5: 2940d628e374bac411cd3494872ecc89
SHA1: 9c849b3179c327fe4b2a40298e59c035334800b3
SHA256: b4e78a67819daafe20a7c9122f6c0565218c878fbd6cec09c4412ed55dd68b32
SHA512: 6fa044004a89d0e2aa8a905f091862e6f21928bf5b30a301064cbd2105a678e41eeb05d80723022d304d495b3d0d1b067afb91d478e77c7d9718c3eb5696f07a
SSDEEP: 768:cgx4omVdwWg8y+By+hW91Q3LMoeLLDAC0:/7mVdRg8y+ByGW91wLMoeLnAC0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2940d628e374bac411cd3494872ecc89_JaffaCakes118
Files
2940d628e374bac411cd3494872ecc89_JaffaCakes118.dll windows:4 windows x86 arch:x86
2077da2f006e7849466cac007229860f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
msvcrt
_strupr
ctime
time
srand
rand
_adjust_fdiv
malloc
_initterm
free
strstr
strrchr
sprintf
__CxxFrameHandler
kernel32
GetSystemDirectoryA
OutputDebugStringA
CreateFileA
GetLastError
ReadFile
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
SetFilePointer
GetFileSize
GetCurrentProcess
WriteFile
SetLastError
user32
PtInRect
ReleaseCapture
SetCapture
SetCursor
SetWindowLongA
EnableWindow
GetParent
GetClientRect
GetDesktopWindow
OffsetRect
RedrawWindow
GetWindowRect
LoadImageA
LoadBitmapA
SendMessageA
LoadStringA
LoadCursorA
gdi32
BitBlt
GetPixel
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
GetStockObject
shell32
ShellExecuteA
fslodlib
ord1
advapi32
RegCloseKey
RegOpenKeyA
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
InitializeSecurityDescriptor
LookupAccountNameA
SetSecurityDescriptorOwner
RegSetKeySecurity
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
Exports
Sections
.text Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ