CRLcrtmm
Static task
static1
Behavioral task
behavioral1
Sample
b12a81b7c688caf167d337276c5497ad_JaffaCakes118.dll
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b12a81b7c688caf167d337276c5497ad_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
b12a81b7c688caf167d337276c5497ad_JaffaCakes118
Size
88KB
MD5
b12a81b7c688caf167d337276c5497ad
SHA1
de4cd67f4afc5e0c28e320a7eb0ab9bea74718e1
SHA256
1cd4ea612f867ee10bcf5cf9370870faa62949f67ece2baec47bc41f02808aca
SHA512
a4e52762fa08a0e576733019099cecd1a8d350bc02fcf614f64f869f586ff688a8b769d18d3e27196c8df477ba0347aa72b36e6536c908b769e1b38cb1bd1451
SSDEEP
1536:mG+hn54G9AofAfXsHgf1Lz2gZnvG7G//r3Jo2wy:A5DAlfXjNagpkWr3a2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b12a81b7c688caf167d337276c5497ad_JaffaCakes118
Files
b12a81b7c688caf167d337276c5497ad_JaffaCakes118.dll windows:4 windows x86 arch:x86
16a0e5fa7e551a6c2ee0548c2305422f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetTimeFormatA
WriteProfileStringA
GetProcAddress
HeapValidate
ResumeThread
LoadLibraryA
IsBadCodePtr
ole32
PropVariantClear
shlwapi
StrToIntA
gdi32
SetRectRgn
PtInRegion
SetBrushOrgEx
CreateICA
EnumFontFamiliesExA
Exports
Sections
.text Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 604B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ