DllManagerReadProcess
HookVantiReadProcess
Static task
static1
Behavioral task
behavioral1
Sample
f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118.dll
Resource
win10v2004-20240412-en
Target
f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118
Size
64KB
MD5
f01a15fe460441f57c56467ae0ff0a47
SHA1
db2a6d52f79e8b9f4ab2b9b6fce8ddbd0d49039b
SHA256
6a6bc3b8481c0eb9cf1903cdb0cc1299d08ccc972abde66f2a372cee08c67f16
SHA512
a15893ba57248601a2207609f3a2a680494c4071c906fe66af198bc845e65d80d177c8aaf71a2eb700aa5ad4b19d3ac7f4d0c4dc210176bd1b8adb45c24179f6
SSDEEP
384:+Sdz8pwh6g7UUkjva1o7Q9KaonyYWQZhBEVccw8U3lf6ard4bozZ8SKQrCXOrQPh:N8pw48jkjwKzyYWqQ0p6QKOrQsX
Checks for missing Authenticode signature.
resource |
---|
f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllManagerReadProcess
HookVantiReadProcess
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE