CreateSecurityPackageData
Static task
static1
Behavioral task
behavioral1
Sample
0da2c0023f24a7a74d214d55d5fa5ba6_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0da2c0023f24a7a74d214d55d5fa5ba6_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
0da2c0023f24a7a74d214d55d5fa5ba6_JaffaCakes118
Size
484KB
MD5
0da2c0023f24a7a74d214d55d5fa5ba6
SHA1
4b2eaf2181b3a2f1005723b4ee14c8488049e88f
SHA256
1100459e884a67f92721b0136b1e959102bcf90ad8b80616e3e8c46b1dc8a2bf
SHA512
f64db788f46d5ed7f66481cc296304d826d9b5df44bceab8124772b4e25aa132cc702c4ebd31748e0b199633224f26e85c540abbcc2c16d26f55802313b4e234
SSDEEP
12288:ym+VAMwF6QYcDLHU0ueiMPwmvyaN7dzYWjvqcOhRY/jUS6OhRY/jUSUiylRf:9+kUrMPwmvyaN7dpqfKRNlRf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0da2c0023f24a7a74d214d55d5fa5ba6_JaffaCakes118
Files
0da2c0023f24a7a74d214d55d5fa5ba6_JaffaCakes118.dll windows:4 windows x86 arch:x86
d1dfe887b687f8c199a072c725c78d9b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetStdHandle
ReadFile
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLocaleInfoA
lstrcpyA
WideCharToMultiByte
GetVersion
GetVersionExA
MultiByteToWideChar
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
GetCommandLineA
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
user32
FillRect
ReleaseDC
GetDesktopWindow
GetDC
MessageBoxA
GetKeyboardLayout
gdi32
CreatePen
StrokePath
SetPolyFillMode
BeginPath
MoveToEx
PolyBezierTo
LineTo
EndPath
StrokeAndFillPath
SetTextColor
CreateFontIndirectA
GetGlyphOutlineA
GetGlyphOutlineW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
SetBkMode
DeleteDC
GetDIBits
DeleteObject
SetBkColor
Exports
Sections
.text Size: 264KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ