Behavioral task
behavioral1
Sample
ba002ddc74df15710ce5b3652b747431_JaffaCakes118.dll
Resource
win7-20240729-en
General
-
Target
ba002ddc74df15710ce5b3652b747431_JaffaCakes118
-
Size
434KB
-
MD5
ba002ddc74df15710ce5b3652b747431
-
SHA1
2e0e873451a0f972c56028fec4035a9db781200b
-
SHA256
67f4dc71df2cdc7338c38b7c32eaee25a498d29c3be9fa19fefa506a295f5415
-
SHA512
cbc001901aa508e83e45bbe6d5b00ce18784039c0e638f600d3cccb6c6f39bad3b8064f2cb36e2e71dfce6e6d11630d9ff6b82dbbee2705daf56ce59062b0c82
-
SSDEEP
12288:C/nL6EgF3UvjtNFq0JAZVlZPPu5DhKy0ZTtOMQALrY:C/nL1b/FqjVlVu1Yy2SUr
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba002ddc74df15710ce5b3652b747431_JaffaCakes118
Files
-
ba002ddc74df15710ce5b3652b747431_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 888KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 422KB - Virtual size: 424KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE