Static task
static1
Behavioral task
behavioral1
Sample
12c94f86a9258a4e851b8f286f864c98_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
12c94f86a9258a4e851b8f286f864c98_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
12c94f86a9258a4e851b8f286f864c98_JaffaCakes118
-
Size
4KB
-
MD5
12c94f86a9258a4e851b8f286f864c98
-
SHA1
8520468c9f5de66edbed21be309712a9ceaa4db7
-
SHA256
c0b7162e34823909583cfc499f259051c56707b2a082e5d1e7ff5e7db8678c1c
-
SHA512
fce91ee92064ed3b79a5dc211237026af3b9d84fab21aa919aca23a7b06ba8f8a43d6cb301d88b88d2a69c1a34cdb54928d47a8f20d1450e4d4f260f1fa7f11b
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12c94f86a9258a4e851b8f286f864c98_JaffaCakes118
Files
-
12c94f86a9258a4e851b8f286f864c98_JaffaCakes118.dll windows:5 windows x64 arch:x64
4ea10ef319c9a1302e1e7b245dc67bbb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleA
GetProcAddress
ntdll
memset
advapi32
RegOpenKeyA
Sections
.MPRESS1 Size: 2KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE