Static task
static1
Behavioral task
behavioral1
Sample
a69d36b8e8b41abd14fd6e77418957d1_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a69d36b8e8b41abd14fd6e77418957d1_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: a69d36b8e8b41abd14fd6e77418957d1_JaffaCakes118
Size: 231KB
MD5: a69d36b8e8b41abd14fd6e77418957d1
SHA1: a1812029467c993ec823ded701781288ca991aac
SHA256: 9aa1bd7add31b6280459f21e5fee933552a880b17e0da4b9f09cf8a797c6b2c5
SHA512: 16075ded778f5234acda7c01d5e1c7d07ba6a896655b94205a17c6d714027a9eaec9602acaa10f7d46a61083a412f6dc1f491e2c079e5b07a4174f0ccd230e1e
SSDEEP: 6144:oUzFdPkvzaz4RD0kbcZXEDmp8rrFxAVH10IVOSK8Gs8pJgrk0RKf4:oGFSzUk+X4gIbAVRpK8MpuZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a69d36b8e8b41abd14fd6e77418957d1_JaffaCakes118
Files
a69d36b8e8b41abd14fd6e77418957d1_JaffaCakes118.dll windows:4 windows x86 arch:x86
4f7217820c3adf85d2f0879ebad7dff1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
EndMenu
GetCursor
GetMessageA
IsCharLowerA
MessageBeep
EmptyClipboard
MessageBoxIndirectA
OemToCharA
ShowCursor
ShowScrollBar
DrawStateA
DrawMenuBar
DialogBoxParamA
DestroyIcon
CreateCursor
CreateAcceleratorTableA
CopyImage
CharToOemA
ActivateKeyboardLayout
MessageBoxA
wsprintfA
kernel32
SetEndOfFile
GetDateFormatA
GetLastError
SleepEx
EnterCriticalSection
GetTimeFormatA
advapi32
RegOpenKeyExA
RegCloseKey
RegQueryValueA
Sections
.text Size: 156KB - Virtual size: 154KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 73KB - Virtual size: 488KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ