DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
f60de8807571efe6fb4d720c769083d3_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f60de8807571efe6fb4d720c769083d3_JaffaCakes118.dll
Resource
win10v2004-20240412-en
Target
f60de8807571efe6fb4d720c769083d3_JaffaCakes118
Size
47KB
MD5
f60de8807571efe6fb4d720c769083d3
SHA1
c3eb9aaea735258849636ff9290949c1f302ba98
SHA256
ba67772aa1188a04abe85c6f3b080de87b2b17960c89a6690153b6d3f3de31e3
SHA512
b45d2bb7d8829c49d98eb440294c91742d3f89d1d1f4efa70b569be1e20c94ce9e6e36fafc578514d77e0e5c636e6be1881e11054da039941c8978db6ccebded
SSDEEP
768:2VYh5QE6lZ22mktSOjXKvosqINHV+9zutQXeUxt2B6koLwIKsn:oYLB6lQWjhINAhutQXeWG7o8IK
Checks for missing Authenticode signature.
resource |
---|
f60de8807571efe6fb4d720c769083d3_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
send
recv
socket
connect
ioctlsocket
htons
closesocket
WSAStartup
LocalFree
LoadLibraryA
GetProcAddress
GetLastError
IsBadReadPtr
GetSystemInfo
WideCharToMultiByte
GetModuleHandleA
InterlockedDecrement
GetModuleFileNameA
GetCurrentProcess
lstrcpynA
CreateFileA
FlushInstructionCache
Sleep
CreateThread
CallNextHookEx
wsprintfA
_strupr
_strdup
_adjust_fdiv
_CxxThrowException
??1type_info@@UAE@XZ
_initterm
_stricmp
_onexit
__dllonexit
strchr
free
isalpha
isdigit
??3@YAXPAX@Z
__CxxFrameHandler
sprintf
??2@YAPAXI@Z
wcslen
malloc
realloc
CoCreateInstance
OleRun
SysAllocString
GetErrorInfo
VariantClear
SysFreeString
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ