MyLove
Behavioral task
behavioral1
Sample
cf5578d1c9433fa448f8ee14fe6ba235_JaffaCakes118.dll
Resource
win7-20240903-en
General
-
Target
cf5578d1c9433fa448f8ee14fe6ba235_JaffaCakes118
-
Size
21KB
-
MD5
cf5578d1c9433fa448f8ee14fe6ba235
-
SHA1
4cb678cb3454fa34a090fc1fe01ade74acb87223
-
SHA256
0bcd801df617bddef3345028573211ac5982c42aa93b5f97e20da0edddeca57e
-
SHA512
db32cc5d8cddf25e667da997f67adf75d33c0cbb60070a5b979eec900e80956b7123a35a69ab7d1eeb143cebec1e8fd20603ce44d9736ac9d8d0365ffd6bfb03
-
SSDEEP
384:2LWCpCJ6x37z8MxLvLW9GhOEv+fmuhx+VqC0eWPpnwDL9ADemjx5uo:UzZhFxLDW9Gc9fmuhxKqCCyL93mP
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule sample acprotect -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cf5578d1c9433fa448f8ee14fe6ba235_JaffaCakes118
Files
-
cf5578d1c9433fa448f8ee14fe6ba235_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Exports
Sections
UPX0 Size: - Virtual size: 92KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dbwj Size: 553B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE