Static task
static1
Behavioral task
behavioral1
Sample
5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118.dll
Resource
win10v2004-20240508-en
General
-
Target
5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118
-
Size
183KB
-
MD5
5e8716b7f35e8db19ebd1fb3dd0671ab
-
SHA1
7016b6cbe84949105e93822f9f7a647590827f57
-
SHA256
22afa4e31746345474de546cb15a2b09de0899a7bd27f0fdaf7d7d45b6c298e2
-
SHA512
184f1259311f18a370deaba819a2e14581b122c2a84b90eea0c4a9926629238e8e70a3d2990cf8b271077e967ec6c51364a78f81e84616e28303d12cb7158e92
-
SSDEEP
3072:oTVe+hrM93FXSJQLxdsxHtAtapRxRqG9//29BukYR0zS2W:ae++9pkMx2cUpRDbe9I1R0z
Malware Config
Signatures
-
Unsigned PE 1 IoCs
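Checks for a missing Authenticode signature. The file is unsigned; on its own this is a weak indicator, since many benign binaries are also unsigned.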
resource 5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118
Files
-
5e8716b7f35e8db19ebd1fb3dd0671ab_JaffaCakes118.dll windows:5 windows x86 arch:x86
06ae03ea7228620257073806e196dbca
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleA
GetProcAddress
ole32
CoCreateGuid
msvcr90
free
advapi32
RegFlushKey
user32
CharUpperW
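Sections
Note: the section names .MPRESS1 and .MPRESS2 are the ones the MPRESS packer writes. The first section's virtual size is much larger than its raw size, and both sections are readable, writable and executable, which is consistent with a packed image. The short import list above is therefore likely the unpacking stub's rather than the payload's, so the payload's real imports should be taken from the behavioral tasks or from an unpacked copy.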
.MPRESS1 Size: 176KB - Virtual size: 524KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE