dfsvc.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3de16e90c1775c3d6626948dbcc91c13_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3de16e90c1775c3d6626948dbcc91c13_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
3de16e90c1775c3d6626948dbcc91c13_JaffaCakes118
-
Size
15KB
-
MD5
3de16e90c1775c3d6626948dbcc91c13
-
SHA1
3c4c7e7323c292b9142ded81321255a155cd2946
-
SHA256
6177193f37afd29570c7934bec00c44887034e437215e07ecffc6eac3f9a4969
-
SHA512
033b00c0401bcffadacb9ce9e862a0b6ceb6013f4fb64b36aae7fcf4063881e77150176fb4b6984960ef3d40853db5dd4460fdb190c1781be60e2131899c5af2
-
SSDEEP
192:e7efJ27xuCxwsasHHL2CkoxBgWfoNmX16W/:6eBwhBnL2iOWf4mX16W
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3de16e90c1775c3d6626948dbcc91c13_JaffaCakes118
Files
-
3de16e90c1775c3d6626948dbcc91c13_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.extrel Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dbgmap Size: 512B - Virtual size: 90B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.il Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ