Static task
static1
Behavioral task
behavioral1
Sample
66bed3afa8f7a5ae7a3ac6d81e8aa67c_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
66bed3afa8f7a5ae7a3ac6d81e8aa67c_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
66bed3afa8f7a5ae7a3ac6d81e8aa67c_JaffaCakes118
-
Size
105KB
-
MD5
66bed3afa8f7a5ae7a3ac6d81e8aa67c
-
SHA1
3c5cf165f66d9e66e318c3d77dbc322c684ef429
-
SHA256
5dd5a30445a644951d6ef3ace986b9d5b19b549cffe18d99c65fd86ef8c11044
-
SHA512
babd0d67d66468868d18ae2b2a91781e1c5e5af8b9816e6249d5b0976dd51f39dddb34100e028572f986513c43a44f31920021dd7fee11bb518971da0bd0db0b
-
SSDEEP
1536:7IKqX7srZNJE88tYpJzvTxhfgn9mHvKHaddlMww74otnToIfKIO8fn5M:7678Bz3zbx6+vK6nlnw74uTBfY8fn
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 66bed3afa8f7a5ae7a3ac6d81e8aa67c_JaffaCakes118
Files
-
66bed3afa8f7a5ae7a3ac6d81e8aa67c_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ