decnranphifoier.pdb
Static task
static1
Behavioral task
behavioral1
Sample
4feb1c5f9d6442fafd6c28f30a1b91b5_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4feb1c5f9d6442fafd6c28f30a1b91b5_JaffaCakes118.dll
Resource
win10v2004-20241007-en
General
Target: 4feb1c5f9d6442fafd6c28f30a1b91b5_JaffaCakes118
Size: 156KB
MD5: 4feb1c5f9d6442fafd6c28f30a1b91b5
SHA1: ddd263060def8ecee9d91df8d08e6731b9dd5e48
SHA256: bcc685522dd80e37cb4047415bb4368d81ccad32270137d348b2ee196c562e59
SHA512: 91b79a3af12cefdf22c567cf8361067ecc1e1dae18bc555cc0ec9b51e2047dd5037a2d94bba88ce45b1a5760c22e314ad697f5819145edbba8f276c7f9616074
SSDEEP: 3072:oOrCeObBTIKIkZtFNkiZxqMj3iNwofjgwSHIK8/z:o08ZbNkPEelSoK8/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4feb1c5f9d6442fafd6c28f30a1b91b5_JaffaCakes118
Files
4feb1c5f9d6442fafd6c28f30a1b91b5_JaffaCakes118.dll windows:4 windows x86 arch:x86
bd66a30531b4efaa6bf62d4ce6d555ee
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
TerminateProcess
lstrlenA
HeapDestroy
GetCurrentProcess
GetLastError
GetCurrentThreadId
MultiByteToWideChar
DisableThreadLibraryCalls
UnhandledExceptionFilter
LocalFree
LeaveCriticalSection
ole32
CoCreateInstance
CoTaskMemFree
StringFromCLSID
advapi32
RegCloseKey
IsValidAcl
msvcrt
wcschr
fwprintf
malloc
free
wcsrchr
fclose
wcslen
Exports
oyzlrm
Sections
.text Size: 128KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 688B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ