Behavioral task
behavioral1
Sample
a740fdf869db16051cb75c8d70f52b59_JaffaCakes118.dll
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
a740fdf869db16051cb75c8d70f52b59_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
a740fdf869db16051cb75c8d70f52b59_JaffaCakes118
-
Size
99KB
-
MD5
a740fdf869db16051cb75c8d70f52b59
-
SHA1
e9ef56f2d06e01f37af03356e1ce57a2420e4e45
-
SHA256
c06f07dc45307d574e9e6bc6d4185732fdb7aeb22be273aaf340c7d2e8c5fa52
-
SHA512
3955eec647adb3cf17dd6197cd8686eaf9177a80a4c2e65e989dd500f82cb63abe998138845dec472d163030f3e654a3bed8634e4cca473357af700647a469dc
-
SSDEEP
3072:yeGY214Jz3mhFRxo1iK/ZFRs5QTFeGGm8:lGYtZ3m8KYPGn
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a740fdf869db16051cb75c8d70f52b59_JaffaCakes118
Files
-
a740fdf869db16051cb75c8d70f52b59_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 516KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 291KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE