Static task
static1
Behavioral task
behavioral1
Sample
eb37ebde7c17f606406587eea6867b09_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
eb37ebde7c17f606406587eea6867b09_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Target
eb37ebde7c17f606406587eea6867b09_JaffaCakes118
Size
172KB
MD5
eb37ebde7c17f606406587eea6867b09
SHA1
c918356904c141172f52923d26e49b7999f81e19
SHA256
b9162d2059579a39d0088da7f144bcdeb620e27d38aa47c1662814cc5b6475fc
SHA512
1d194ee469028ec1c8227b9f38ecdf21eaf311375282dd3ad31e132a647680922c50d109d6fd62d97daf85043527702629140f59a55382c89dd10e88ee5cc014
SSDEEP
3072:zsO0cwzu/AJhyD3kQ1tqQiW2Nq8JihG0eOQlDbApRJ6wV0z66n:zsOKz6QEQtHFJihGDxbrwV0z66n
Checks for missing Authenticode signature.
resource |
---|
eb37ebde7c17f606406587eea6867b09_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetModuleBaseNameA
EnumProcessModules
EnumProcesses
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegOpenKeyExA
SetEntriesInAclA
GetSecurityInfo
GetFileVersionInfoSizeA
GetFileVersionInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetSetOptionA
InternetCloseHandle
HttpQueryInfoA
StrStrIA
SHGetValueA
SHSetValueA
VariantClear
SysAllocString
SysFreeString
GetErrorInfo
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoCreateInstance
CoTaskMemFree
UuidToStringA
Netbios
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
RegisterClassExA
GetClassNameA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
wsprintfA
DefWindowProcA
SetTimer
KillTimer
SetWindowPos
SystemParametersInfoA
CreateWindowExA
timeGetTime
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
??1exception@@UAE@XZ
??2@YAPAXI@Z
ispunct
tolower
printf
isalpha
strchr
strncpy
islower
malloc
isupper
isspace
?what@exception@@UBEPBDXZ
wcslen
wcscmp
isgraph
__mb_cur_max
isalnum
isxdigit
strerror
free
wctomb
strstr
toupper
strtok
fclose
fwrite
fopen
tmpnam
atoi
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
GetLastError
LocalFree
GetWindowsDirectoryA
HeapFree
GetCurrentThread
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
lstrcpyA
CreateFileA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcessId
Sleep
GetThreadTimes
GetTickCount
QueryPerformanceCounter
OpenProcess
CloseHandle
GetLocalTime
lstrcmpA
lstrcmpiA
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
QueryPerformanceFrequency
GetCurrentDirectoryA
GetProcAddress
FreeLibrary
GetSystemInfo
SleepEx
lstrcpynA
HeapAlloc
HeapSize
GetProcessHeap
GetCurrentProcess
GetProcessTimes
GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
GetFullPathNameA
lstrlenA
SetLastError
FormatMessageA
GetVersion
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ