C:\royhMIahvptwZwQle\jcoettnigdwolmtyif\jzwhtEaefoSqlptvhyk\oxpOzNvfiHy\yyTewXcgqpqyZHod\pfizcPkscdbvmuEL.pdb
Static task
static1
Behavioral task
behavioral1
Sample
1975c4806b5855c71ac78a3198c3c85e_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1975c4806b5855c71ac78a3198c3c85e_JaffaCakes118.dll
Resource
win10v2004-20240508-en
General
-
Target
1975c4806b5855c71ac78a3198c3c85e_JaffaCakes118
-
Size
124KB
-
MD5
1975c4806b5855c71ac78a3198c3c85e
-
SHA1
c40863cbd5b5261b2b23a6945f03d3109f0aadbd
-
SHA256
51c7b008cdd082f25c76b3fc80ec6ce2f9c60af35d84343e11bd5212f43f7f94
-
SHA512
422588d93eb0f2d4f9b6fd00da4aeac032213056f4b50b2216d27b964f8a55fbee03451c179cefc7a051e8dfa681e091928fbc3efa19e982a3d58b1899e3067e
-
SSDEEP
3072:+PcvNg79A646MPCMiuUCUlN7R87fxUEjh3jihMFE3I3JhT:+PLJAkMP1rUCg7R8fihM6Y5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature; this PE is unsigned, so its publisher and integrity cannot be verified from a signature.
resource 1975c4806b5855c71ac78a3198c3c85e_JaffaCakes118
Files
-
1975c4806b5855c71ac78a3198c3c85e_JaffaCakes118.dll windows:5 windows x86 arch:x86
3532ccb638a2ba8e3defd207be2fe475
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
shlwapi
StrChrIW
kernel32
GetModuleHandleW
PulseEvent
UnlockFile
FindResourceExW
GetModuleHandleA
AddAtomW
LoadLibraryExW
UnhandledExceptionFilter
GetComputerNameW
GetComputerNameExA
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
SetFileAttributesA
CreateDirectoryA
gdi32
WidenPath
CreateFontW
SelectClipRgn
CreateCompatibleDC
LineDDA
SetBrushOrgEx
EnumFontFamiliesW
CreatePen
CreateSolidBrush
SetRectRgn
TranslateCharsetInfo
GetDIBits
SetTextColor
shell32
ord195
ord196
user32
DialogBoxIndirectParamA
LoadImageW
DestroyWindow
GetScrollRange
SetParent
DrawStateW
DispatchMessageA
ChildWindowFromPointEx
FrameRect
IsDialogMessageW
GetMenuStringA
GetKeyState
DrawTextW
GetUserObjectInformationA
SetCursor
SetWindowTextA
IsIconic
CheckMenuRadioItem
EnumChildWindows
SetDlgItemInt
GetLastActivePopup
GetKeyboardType
LoadAcceleratorsW
GetIconInfo
GetDlgItem
ScrollWindowEx
GetPropW
LoadBitmapW
Exports
Exports
AlphaBlend
?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ