fa
fc
Static task
static1
Behavioral task
behavioral1
Sample
f6b5b21651b7dea4fa5b6bf2e714300b_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
f6b5b21651b7dea4fa5b6bf2e714300b_JaffaCakes118.dll
Resource
win10v2004-20240412-en
Target
f6b5b21651b7dea4fa5b6bf2e714300b_JaffaCakes118
Size
8KB
MD5
f6b5b21651b7dea4fa5b6bf2e714300b
SHA1
d131afbd4996edfdd365eb33c5528598c3d59549
SHA256
7de582a723848b5b6a9b1b1d06f8b4837f1c6e3ef062bcd459f7f35d887ad9c2
SHA512
e37a941f79c231f686e4e24c46321509f62b9f4acd56d70327b04a727dc0069a2af2c40655ba661724708662b849c072a3eec8bd67f9984654f8c63170560231
SSDEEP
96:/ez+c1EwBB6+XkVgiIvel/cSrl+0fEhnGFJchxAR9T9ZEtEaflL2YllCwIBk:Gzpa+UVcXZPQ9T9ZOL0YjdIi
Checks for missing Authenticode signature.
resource |
---|
f6b5b21651b7dea4fa5b6bf2e714300b_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
WideCharToMultiByte
GetPrivateProfileStringA
Sleep
ReadProcessMemory
WriteProcessMemory
CreateThread
GlobalLock
GlobalAlloc
IsBadReadPtr
GetCommandLineA
GetModuleFileNameA
GetCurrentProcess
GlobalFree
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
??2@YAPAXI@Z
_adjust_fdiv
malloc
_initterm
free
strstr
??3@YAXPAX@Z
strrchr
strcpy
sprintf
_stricmp
strlen
memcpy
memset
fa
fc
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ