Static task
static1
Behavioral task
behavioral1
Sample
acd4413765f77d70c2550dd00e4f3600_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
acd4413765f77d70c2550dd00e4f3600_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
acd4413765f77d70c2550dd00e4f3600_JaffaCakes118
-
Size
269KB
-
MD5
acd4413765f77d70c2550dd00e4f3600
-
SHA1
08f93b0e88d320be4e1f60dc269c7aa6660da19f
-
SHA256
202e8a32a76a8a76aa8251a82969d40b9b3647ece789fd8cb12f7e1c816b140b
-
SHA512
8010d6467d4a29fddd763af80bfa9eff60c01c373a9894f30488addf03eedadd602a968ebb540d3af91e5c2ccc9b39e55bfd2549b24d275437fea453ee69d817
-
SSDEEP
6144:R2Kp62bD8DQ8SF97fAPS+G0h6oMTsOdHBOR6EsJLYl+mlm:oW/8u9064ttoHBO6EMLYl+mlm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource acd4413765f77d70c2550dd00e4f3600_JaffaCakes118
Files
-
acd4413765f77d70c2550dd00e4f3600_JaffaCakes118.dll windows:4 windows x86 arch:x86
5f91c393f5511fd31bf17fa6f66ece0d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetSystemTimeAsFileTime
GetVersion
LocalAlloc
RtlUnwind
TlsSetValue
EnumResourceLanguagesW
Sections
.text Size: 21KB - Virtual size: 404KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 243KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ