Behavioral task
behavioral1
Sample
5ffff4cbeaae81b98674c1aea89c1e5d_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5ffff4cbeaae81b98674c1aea89c1e5d_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
5ffff4cbeaae81b98674c1aea89c1e5d_JaffaCakes118
-
Size
5KB
-
MD5
5ffff4cbeaae81b98674c1aea89c1e5d
-
SHA1
8d4f45cef8604c0c731c2a0ff94e3de381769e47
-
SHA256
d33d51aa6d90b5d2041aebe4102c1f77df4dc123f0849cfd7ab3ac9fab0d2689
-
SHA512
d59da36e6f145ab383a030a9102256fc4526070b8020f2c6b882571cd316bd5d1a8874f57a87bf0a9f6359877cb639466df3eb7d70cfd2c70ad147e8991850d0
-
SSDEEP
96:W5bfz8Dy5s22WE8/8/aFCMyt94rANgyp+3PNDqvcbMh:W5vvfE83CMyfNxgFEV
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 5ffff4cbeaae81b98674c1aea89c1e5d_JaffaCakes118 unpack001/out.upx
Files
-
5ffff4cbeaae81b98674c1aea89c1e5d_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
UPX0 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.data Size: 5KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 574B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ