CPlApplet
Static task
static1
Behavioral task
behavioral1
Sample
038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118.dll
Resource
win10v2004-20240611-en
General
-
Target
038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118
-
Size
84KB
-
MD5
038ef12e4f67154c09f3cbe4b190fa58
-
SHA1
0c5b11ae58de14d43d68385c4bf7d4a09fb3c2a1
-
SHA256
e93d407dbdc27dc939a2d27b96f93bc1e5e1a59673bde6ed948f71a9c2ff78ee
-
SHA512
f7d2583d396887539689c9542b8a855a34dbe051533279a4c06bf25448a0b49d7ec5b274c749f6dcf1eea90b140606d04b3009777ee3a4849de0ab29e0b2b8b6
-
SSDEEP
1536:3y64+Cn5f9ZZuxjK8+HE7DlsOu3JnN0QF1rkp:iOC5f97qj/+HE7DlsZ3Jn1F+p
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118
Files
-
038ef12e4f67154c09f3cbe4b190fa58_JaffaCakes118.dll windows:4 windows x86 arch:x86
334aa21cc3d6f65be040701a500cecf5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetProcAddress
LoadLibraryA
GetLocaleInfoW
CreateProcessW
GetLongPathNameW
SetEnvironmentVariableW
PeekNamedPipe
GetProcessAffinityMask
FileTimeToDosDateTime
FlushViewOfFile
DeviceIoControl
GetDiskFreeSpaceW
GlobalGetAtomNameW
DisconnectNamedPipe
user32
DrawTextExA
MapWindowPoints
TranslateAcceleratorW
shell32
ExtractIconA
Exports
Exports
Sections
.text Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 717B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ