DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
6969367b18a6e690057598d9f7aa6138_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
6969367b18a6e690057598d9f7aa6138_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
6969367b18a6e690057598d9f7aa6138_JaffaCakes118
Size
54KB
MD5
6969367b18a6e690057598d9f7aa6138
SHA1
6e9f28cfb0759e7a923eeda06836458ddc71bd4e
SHA256
0026bbf5bbf93d161bdc03b584ab20b2d16a2f84a003b89a0558961c1a296108
SHA512
990e3b26293cace79050fc98391434b1f9d41d20f00e8a9df979c5f4f4639dd46f5b21593973f27563a8650615e2ee5ad1a5f2baae67a159e51eb4d22e956013
SSDEEP
768:2I0SNlaD8AumlnTfh7MBphEpiC8QP/mttkhatw0Pt8UH6hlSbtk/2jzw2IRz8nUq:1SD8wDh7MBphf2cE0PHa/JxVC
Checks for missing Authenticode signature.
Processes:
resource |
---|
6969367b18a6e690057598d9f7aa6138_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
GetModuleHandleA
GetProcAddress
free
CreateDIBitmap
GetDC
RegOpenKeyW
ord199
ord16
CoTaskMemFree
SysAllocString
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE