nabltygvy
Static task
static1
Behavioral task
behavioral1
Sample
eb987fd91b9994432f7cb038c83fa7de_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eb987fd91b9994432f7cb038c83fa7de_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
eb987fd91b9994432f7cb038c83fa7de_JaffaCakes118
-
Size
412KB
-
MD5
eb987fd91b9994432f7cb038c83fa7de
-
SHA1
a17e363ae9fceea8271c9c9a29730fc7a23c1326
-
SHA256
a3be8598bc65ace5d4e7c3727d3af19036ad259e9cb6534b411d6aaa4658d9d5
-
SHA512
4bcfc0dab71deec4c8bcf78ee7e41c4d6d3685e3e7f6b3cfc65d1ca3a0fc59104038c3df21d2eef8eeb606c8ca98dc8496b653cf5f270e19a6ddf930453b8763
-
SSDEEP
6144:rAecDyPl052c1y2bTeCG5Ox5vX7BakwHn2G7sQ739ii+74jhyMWXtMX/IPn:8ecDkHc1y8c5Ojv8n3sQ7N0WZ84/un
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb987fd91b9994432f7cb038c83fa7de_JaffaCakes118
Files
-
eb987fd91b9994432f7cb038c83fa7de_JaffaCakes118.dll windows:4 windows x86 arch:x86
c8e738cd5959c46742204e925527e4e5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
shlwapi
UrlEscapeA
kernel32
CreatePipe
GetStartupInfoA
GetStartupInfoW
ExitProcess
ReadFile
CloseHandle
WriteFile
msvcrt
malloc
free
winmm
mixerOpen
Exports
Exports
Sections
.code Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 533B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 360KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ynacj Size: 4KB - Virtual size: 1B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 792B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ