Static task
static1
Behavioral task
behavioral1
Sample
29c62d61860e76a64382dce6e2975e05_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
29c62d61860e76a64382dce6e2975e05_JaffaCakes118.dll
Resource
win10v2004-20240704-en
General
-
Target
29c62d61860e76a64382dce6e2975e05_JaffaCakes118
-
Size
470KB
-
MD5
29c62d61860e76a64382dce6e2975e05
-
SHA1
dac44166b2f29d3c50b22e86e133de7ae11a531b
-
SHA256
9fdc29350548ca56d8a52691352b6612c21b22bdd8446dd0d66f71d64377ac54
-
SHA512
b269a2dcd5ad9804dec1798caa43cd30de86e86584e1e75c5579ae6fc54254397a68560ea8ac9280457aa3e8bd544aaacf1c23c30c6726bd206a78931dfcc93a
-
SSDEEP
6144:J3E9x46oBl7Rw8GTNZwQpscJYIVsw4DDReab4UB/ZuTQpo6R+OGSRI9i:Fx6oBluT8QhR/Wb4UdZqQhdXI9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29c62d61860e76a64382dce6e2975e05_JaffaCakes118
Files
-
29c62d61860e76a64382dce6e2975e05_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.nsp0 Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ftsafe Size: 398KB - Virtual size: 398KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE