Static task
static1
Behavioral task
behavioral1
Sample
c1d1163d584f64f3fa8f4d5ac8085242_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c1d1163d584f64f3fa8f4d5ac8085242_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
c1d1163d584f64f3fa8f4d5ac8085242_JaffaCakes118
-
Size
37KB
-
MD5
c1d1163d584f64f3fa8f4d5ac8085242
-
SHA1
ec4d34b0599213201e87a175b8183adac11291a9
-
SHA256
9238d3cf60b11cca88c48175de6ef856fb8dce558017e31daf42ccf573e96cbb
-
SHA512
0867177ecb2aa56e06ea5e6cbf92030b2c7068fc3a6385469e5588ed0558076056a2ca79af643ee867703af5f5a4efa1f4e724dfa4b8de854e7b0ac0888e6566
-
SSDEEP
768:42y0bxzekBl7g8P6cxpyGFOD81IGbVE30fVJf6rPiW1acX6h:I0b9d/i4nFO0G30fVJirk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c1d1163d584f64f3fa8f4d5ac8085242_JaffaCakes118
Files
-
c1d1163d584f64f3fa8f4d5ac8085242_JaffaCakes118.dll .js windows:5 windows x86 arch:x86 polyglot
87bed5a7cba00c7e1f4015f1bdae2183
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
LoadLibraryA
GetProcAddress
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 218KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rdata Size: - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 736B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ