Behavioral task
behavioral1
Sample
37b35489ee96b4035dfab72285c82aed_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
37b35489ee96b4035dfab72285c82aed_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
37b35489ee96b4035dfab72285c82aed_JaffaCakes118
-
Size
19KB
-
MD5
37b35489ee96b4035dfab72285c82aed
-
SHA1
5b50b7f64f26d0b87a53a27ef360820931857ad5
-
SHA256
52f583cb78ec4e87b9c9664ae55f992c7be19d15338da408de733309db0b7b1a
-
SHA512
1cba522ef51a3b22dc1f267dce502e346498ed51f611951f2ac4913cc8c67c3b26269a538465f173bee5e86f246376da5a58aa14f340c6a2ee6d5d738b4ae4e2
-
SSDEEP
384:fjKsh0/jWoPJyPFnDcKrrxwDW+7VgbbaNzlBZQXzCwCXw:Wc0/qHFnLrlA97ubbj/P
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 37b35489ee96b4035dfab72285c82aed_JaffaCakes118
Files
-
37b35489ee96b4035dfab72285c82aed_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 116KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 55KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE