Static task
static1
Behavioral task
behavioral1
Sample
433b9c659f81964a1e0d48643fc28925_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
433b9c659f81964a1e0d48643fc28925_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
433b9c659f81964a1e0d48643fc28925_JaffaCakes118
-
Size
3KB
-
MD5
433b9c659f81964a1e0d48643fc28925
-
SHA1
dbd62a93fea6a75bad3293fb1221861a40754b2b
-
SHA256
3fa191b90af1b04180644fd23d8da2d38d85d94262ba43c7f4d17c9c68488b0d
-
SHA512
1dc41e3863a328704e336745fb4c4dd4b201781c2a1bc09e33847936d2b956559b7223ae67e926df97cb70aa4e279701223edd172fa7ef55757ee6610736589f
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 433b9c659f81964a1e0d48643fc28925_JaffaCakes118
Files
-
433b9c659f81964a1e0d48643fc28925_JaffaCakes118.dll windows:4 windows x86 arch:x86
b6f391375d741ab65301de3824d105be
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
CreateMutexA
CreateProcessA
GetLastError
GetModuleFileNameA
ReleaseMutex
lstrcpyA
lstrlenA
Sections
.text Size: 1024B - Virtual size: 566B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 307B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 302B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ