Behavioral task
behavioral1
Sample
525472e2fa9ff2f90b37e6c0c0053549_JaffaCakes118.dll
Resource
win7-20240708-en
General
-
Target
525472e2fa9ff2f90b37e6c0c0053549_JaffaCakes118
-
Size
182KB
-
MD5
525472e2fa9ff2f90b37e6c0c0053549
-
SHA1
c4ad89b7dbad09265fa8a58ba4d394d4461e3bb2
-
SHA256
76914bb3eb78f20a8776a88cc47af457be16ee032e67de6035f07b3c6e7f6f97
-
SHA512
a536c0b77183b7191cbe453f0cbe32540143a65b50f3839374eab872f8af8ac4d5195225f9a6f5e7089bf159eb4dcc8a1183364eae28ba262e30375e1350a0c8
-
SSDEEP
3072:KBSSIEW4d/brv2tQ007oXFLAYtGKCyjT5L0pWWhqa/Dzi725+67RiAYIJCjpP91c:KBSSWwDStr0SLwsT5YpWWY5K53ti8L
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 525472e2fa9ff2f90b37e6c0c0053549_JaffaCakes118
Files
-
525472e2fa9ff2f90b37e6c0c0053549_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
UPX0 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 81KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE