Static task
static1
Behavioral task
behavioral1
Sample
83ed1518b572f3fb7164104539824c68_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
83ed1518b572f3fb7164104539824c68_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
83ed1518b572f3fb7164104539824c68_JaffaCakes118
-
Size
4KB
-
MD5
83ed1518b572f3fb7164104539824c68
-
SHA1
0fb0ce9c8f74aec3880e7e532146d9215a8e7360
-
SHA256
1377f683892b4a8189355bfa703fd7ad1f4fea463c5d1f48e16e45244ad71905
-
SHA512
c8555d1cef219f7dfda153f4d2352ddb588f23e0b6d821ae73417a8389ffc842dd3282d936171eeb5f6be900ddd0e3c0d1a7859df6af416aead6c229c46fdf16
-
SSDEEP
48:a6RNJxkGHbjoAq7WKUpAdHZpgHL2RltV0VS6DZwFtwSiJwq9lQFeFilV/gJ95F:FxkGMrwQZpgHsKVS6wtKwq9DilV/gn
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 83ed1518b572f3fb7164104539824c68_JaffaCakes118
Files
-
83ed1518b572f3fb7164104539824c68_JaffaCakes118.dll windows:4 windows x86 arch:x86
15e51c12887f892f05633e75f9b8f54e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
lstrcmpiA
IsBadCodePtr
GetProcAddress
LoadLibraryA
GetModuleFileNameA
DisableThreadLibraryCalls
user32
CallNextHookEx
wsprintfA
Exports
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 520B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ