CPlApplet
Static task
static1
Behavioral task
behavioral1
Sample
2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118.dll
Resource
win10v2004-20240704-en
General
Target: 2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118
Size: 85KB
MD5: 2da265d472d27d94b49491f42bbdc5bc
SHA1: e66ea479a94d23a427da9afe849a8bba138f1eea
SHA256: bbe80b69878d8bf73b861eb808111d921a994843dfb682225d1c26374873a7ae
SHA512: 53135e27f917f93d0b1e000dbe991063aa8f83584d8a19c2d7459fdd356f4eef3b38775bf3458f36a4409ae6ea7b90a758f7e49f71bc48326092e5cf0fc0aef8
SSDEEP: 1536:v3eDNcyJHPapZhJsPwHWys3T5KigiBWLbyyOR4l3L1LE4:v3ONJHCpi4CDYriciyJlb1Ln
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118
Files
2da265d472d27d94b49491f42bbdc5bc_JaffaCakes118.dll windows:4 windows x86 arch:x86
b66ce8d837236f27ca01f8fc84c4b7e0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
oleaut32
SysFreeString
advapi32
RegQueryValueExA
user32
GetKeyboardType
gdi32
UnrealizeObject
shell32
ShellExecuteA
wininet
InternetSetOptionA
Exports
Sections
.text Size: 79KB - Virtual size: 220KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE