DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
83d203e24b696bac278c63e84c4b1704_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
83d203e24b696bac278c63e84c4b1704_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Target
83d203e24b696bac278c63e84c4b1704_JaffaCakes118
Size
42KB
MD5
83d203e24b696bac278c63e84c4b1704
SHA1
1c0f33054166deaba6dd84b6577c0d776e280b05
SHA256
706c432bd5fd08b8e3fed9b131bf2713f1aca0c3b1077e313b412ff592e1bcc6
SHA512
bb3ac690f74343a889a786f66dc2b4d81ee2fcd690260f5a0ca8dbca81c644721651e67c5be82b3064cd67e25c4cd2cdc54c9fae0397558f200fc2c91cc20b05
SSDEEP
768:Dj5aEKq1jrNlihk82wEMMJwue3oUPwPi2JAlNCdPs4HxS3lRljVWtM8MfUHzVx/P:5aEKAPNkhow3ye3oQwP8ckOalRlRWtJH
Checks for missing Authenticode signature.
resource |
---|
83d203e24b696bac278c63e84c4b1704_JaffaCakes118 |
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
GetModuleHandleA
GetProcAddress
free
IsValidSid
DeleteDC
SysStringLen
SHGetFolderPathW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE