Behavioral task
behavioral1
Sample
27bbb630f36c756c04ccf50388f5f520_JaffaCakes118.dll
Resource
win7-20240903-en
General
-
Target
27bbb630f36c756c04ccf50388f5f520_JaffaCakes118
-
Size
946KB
-
MD5
27bbb630f36c756c04ccf50388f5f520
-
SHA1
4319bd16a2830e7cc73e92571e80c938b2b521fc
-
SHA256
3edc657f5c9181feda773b3e91dd5ad7374cf64855bfb6256af17e7440d88027
-
SHA512
58b8357e71dbaa1651702ab5fa870105eb3cc1652ec6ccfd164bc0686f436982eea64ebe808bdc4bfc04cfc6d81e5ae5dea69def9ccb6a7096d217dfd226323b
-
SSDEEP
24576:XmDOrtnGOGpwzBmUs+ntbTwgdWsFXBmp9zInVxKr6ATZ7KaLqoY:WDctNGpwzBZ+gZFXcS3ho7ZO
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 27bbb630f36c756c04ccf50388f5f520_JaffaCakes118
Files
-
27bbb630f36c756c04ccf50388f5f520_JaffaCakes118.dll windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
UPX0 Size: - Virtual size: 2.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 942KB - Virtual size: 944KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE