RunDllHostCallBack
Behavioral task: behavioral1
Sample: ad6433cbc2dbfd15e35c7251385c4d70_JaffaCakes118.dll
Resource: win7-20240729-en
General
Target: ad6433cbc2dbfd15e35c7251385c4d70_JaffaCakes118
Size: 89KB
MD5: ad6433cbc2dbfd15e35c7251385c4d70
SHA1: bbc889d0e397d8f4212b453a6e9447978e1e609a
SHA256: 01a3eeadb7d59d74fc2beeba41980fb7d8e06dbc375e93b661ae28391b22975a
SHA512: c651b0f151db0640ddc1306db65e6c5dd38d4022edd3bede08c222454a15d746634f0ec542b123043ad52b01b6fd67fe410aa9bbedc3c2caa3e416a6d5896057
SSDEEP: 1536:VhAln6fjYuvectQ/xCKT7SuwDTIUIrD0qOTPcrPduLOFb7Nz:O6fVvrtkbHSuyNIPNOTPcr4LSXZ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad6433cbc2dbfd15e35c7251385c4d70_JaffaCakes118
Files
-
ad6433cbc2dbfd15e35c7251385c4d70_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Sections
UPX0 Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE