i
Behavioral task
behavioral1
Sample
c8f6492eaadbb6d7842a1a15f7398a85_JaffaCakes118.dll
Resource
win7-20240708-en
General
-
Target
c8f6492eaadbb6d7842a1a15f7398a85_JaffaCakes118
-
Size
17KB
-
MD5
c8f6492eaadbb6d7842a1a15f7398a85
-
SHA1
d775ee1fa489eee634d770b3781341a9772330ed
-
SHA256
78a460b847aa1de90c75ff2507192fd1fbd8df28d6f5692a6ebea76cc47c3f34
-
SHA512
36a15a242300eb1f8d30270976ea83a51cf25b600e1136836a7c8c7ec919f363d64b45e0e073535f94a6e817c111faa24718307c241f00a46c0fcc18e444e528
-
SSDEEP
384:VFWEVcwCB/szJjbyVs2r2qSHfG4msCe4UHqyFSIr/06rzJ1QAs0Y7Y:uEPCB0VjQs2gHf97XHqQ706HJ1FY
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c8f6492eaadbb6d7842a1a15f7398a85_JaffaCakes118
Files
-
c8f6492eaadbb6d7842a1a15f7398a85_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
Sections
UPX0 Size: - Virtual size: 48KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE