Quickmapcdrom
Static task
static1
Behavioral task
behavioral1
Sample
af555860174e29ae575a6c4e3068bc61_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
af555860174e29ae575a6c4e3068bc61_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: af555860174e29ae575a6c4e3068bc61_JaffaCakes118
Size: 84KB
MD5: af555860174e29ae575a6c4e3068bc61
SHA1: fdd85e55879c61d2cc829fa2c03607ea5130f2c5
SHA256: 1d491aba1c8691a470c3d83425610e177993b671b33944ffd01457e8da136cff
SHA512: a887cacedbcce3817cf4a84f295216441fb8311fa3a439f3dc60456b0d185889e6065d4fc3ebb0134af5d060bfe1eb1cc5d20aa9eae798d0cc10e2d335321e4a
SSDEEP: 1536:uu8NBn52kc1JyrB3p7lX/fDtPBEcp0+AwrDlyvyh:HgYk+JqlvfBPEwI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource af555860174e29ae575a6c4e3068bc61_JaffaCakes118
Files
af555860174e29ae575a6c4e3068bc61_JaffaCakes118.dll windows:4 windows x86 arch:x86
9dc8d9daf4cb3fb69e0610d4d101fc5a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
InterlockedExchangeAdd
ExitProcess
HeapLock
GlobalAlloc
UnregisterWait
LoadResource
GetDiskFreeSpaceW
GetHandleInformation
GetProcAddress
CreateProcessW
LoadLibraryA
OpenFileMappingW
user32
FindWindowExW
ScrollWindow
GetClassLongW
DestroyCaret
EnumChildWindows
ModifyMenuA
GetMenuStringW
SetScrollRange
CharLowerW
CallWindowProcA
AppendMenuW
LoadIconA
UpdateLayeredWindow
shlwapi
PathAppendA
advapi32
CredDeleteW
RegOpenKeyA
gdi32
SetAbortProc
TextOutA
GetCharWidthA
GetWorldTransform
SetDCBrushColor
IntersectClipRect
Exports
Sections
.text Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ