PyInit_QtQml
Static task
static1
Behavioral task
behavioral1
Sample
f557d63436cb270fef62cbeab36db51c_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f557d63436cb270fef62cbeab36db51c_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: f557d63436cb270fef62cbeab36db51c_JaffaCakes118
Size: 53KB
MD5: f557d63436cb270fef62cbeab36db51c
SHA1: a51d30cf83a6495b3f0aed00eb29585075b1fa99
SHA256: feb870eced1631ec8387ae075939f77bb1947d1b4dedff9a63a0e2debdfe28e5
SHA512: e15d17693645fd1c277d64f115ddd6d4bccd0be6e490288687c0fdfd322a663488cd2d56c03d001ae0c6dc1099a4cf0349396e942f38989016b895a2056f4156
SSDEEP: 1536:0ZRKQpHZVOwazD+HPB8WbnysRASYFGIsH:0ZRKQp5VLy+vWWbysRgm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f557d63436cb270fef62cbeab36db51c_JaffaCakes118
Files
f557d63436cb270fef62cbeab36db51c_JaffaCakes118.dll windows:6 windows x86 arch:x86
945a0c9c0c491d7eca15ef03653a5a8e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleA
GetProcAddress
python37
PyList_New
qt5gui
??1QValidator@@UAE@XZ
qt5qml
??1QJSValue@@QAE@XZ
qt5core
??1QUrl@@QAE@XZ
vcruntime140
memcpy
api-ms-win-crt-heap-l1-1-0
free
api-ms-win-crt-runtime-l1-1-0
_cexit
Exports
Sections
.MPRESS1 Size: 49KB - Virtual size: 356KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE