Behavioral task
behavioral1
Sample
8cbc1870076a80c1a81aa13cf0948e2a_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8cbc1870076a80c1a81aa13cf0948e2a_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
8cbc1870076a80c1a81aa13cf0948e2a_JaffaCakes118
-
Size
22KB
-
MD5
8cbc1870076a80c1a81aa13cf0948e2a
-
SHA1
1c39ccd35f42a07854b96351b67315cce6862cad
-
SHA256
19c807d2e550fa89cf3367b7613e687f3936fe910f7f73ad189a9fb61d93cd8c
-
SHA512
e9188c40756015e0e231714c149d43129742179342656964adbae18f2c301a72ac112f8f64cfbd4ab4f22295bed65f2fbaabc520e8286753c6bb96cd03d0891d
-
SSDEEP
384:NeH+tWzlSDrb5+gIS3a2Oaa2pbNGJ38pPJv1TCAxAr6+S9Pfu7n5rn:ntWurb6SOalwYxv1TlxndeVrn
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8cbc1870076a80c1a81aa13cf0948e2a_JaffaCakes118
Files
-
8cbc1870076a80c1a81aa13cf0948e2a_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 11KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE