pdb.pdb
Static task
static1
Behavioral task
behavioral1
Sample
bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118
Size
578KB
MD5
bfc92b12d8ab10ac4be1c0fd8f9213f8
SHA1
a058323569e82853bc1e4ce8a6448d61ecde4447
SHA256
889d79f3b7b439bfdf2e0a079b2a51c5802a074c449f7b5c24367defcd57f833
SHA512
b7d7e891b756c47cf4402260914e04838e370fa2156abd4422400f547b81490b721dfb70597998b3d112171aabe7ab9b8dc050cdbc772adea0fc93e5b08e76ab
SSDEEP
12288:cU5e+L4JOc1UzqwtBldFKWLrROvnwhSmKdO3Ad:txLcOMUuQNKidOvnsSmKdIAd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118
Files
bfc92b12d8ab10ac4be1c0fd8f9213f8_JaffaCakes118.dll windows:4 windows x86 arch:x86
b1e0a83a483c59c9460db84a700b31e5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
Beep
OpenProcess
GetCurrentProcessId
lstrcmpA
MulDiv
LocalFree
Sleep
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
TerminateThread
WaitForSingleObject
CreateThread
CloseHandle
GetLocaleInfoA
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
EnumCalendarInfoExA
GetCommProperties
Exports
qjjx
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 548KB - Virtual size: 546KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ