Behavioral task
behavioral1
Sample
bb5eb7642b811daa0117b1bfb0d65b9e_JaffaCakes118.dll
Resource
win7-20240705-en
General
-
Target
bb5eb7642b811daa0117b1bfb0d65b9e_JaffaCakes118
-
Size
998KB
-
MD5
bb5eb7642b811daa0117b1bfb0d65b9e
-
SHA1
577ab9dfef5e45dce832571bb54be637a0feb3e2
-
SHA256
ec94d23070503d2a9d884e1433d5b0a2f53e2bffc63c47b1947aa0a99e1dea0b
-
SHA512
23447b39d3d5c19f0e3398402e9128a691a7482ed3f50229f44afb319a8714f8f8949b0943161c758e0241507af7f56563c51990107bb7b7c549e951b1eeefb5
-
SSDEEP
24576:+9WQZcLwAQSZuV31rI2+9Y0J6cTA8VIS2CcpO+Vhcge3WvtT1IM9A5KpMrmt78mR:+9DZ/2I18jMfCu7cgkq9X2A6rmt
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb5eb7642b811daa0117b1bfb0d65b9e_JaffaCakes118
Files
-
bb5eb7642b811daa0117b1bfb0d65b9e_JaffaCakes118.dll windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
UPX0 Size: - Virtual size: 2.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 994KB - Virtual size: 996KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE