_cgo_panic
_cgo_topofstack
callbackTrampoline
commitHookTrampoline
compareTrampoline
crosscall2
doneTrampoline
rollbackHookTrampoline
stepTrampoline
updateHookTrampoline
Static task
static1
Behavioral task
behavioral1
Sample
a251ab42e6336d564b858cdeefc2678b_JaffaCakes118.exe
Resource
win7-20240508-en
Target
a251ab42e6336d564b858cdeefc2678b_JaffaCakes118
Size
4.4MB
MD5
a251ab42e6336d564b858cdeefc2678b
SHA1
660beae5f5312471029cc1393f1477408cbf6697
SHA256
fd12ad7d9ac7ea5d0719ee1e9c1693e8aa55777ab695e87e1286474bad5b476b
SHA512
ce9f82087e3e0625afc44e586f53c4363208c871314c93978699f256bcd835b492d3ff19cc7fbfe43c9f7b2533cfb123d1769e9090bb9c3068f3e5addaf13094
SSDEEP
98304:tNwEf0x018aUP9GndDTFLx4FejNMaDje4Cq67QfguIPPt9oEW:tNwE8wUEn9T9mejXFM7QYZtlW
Checks for missing Authenticode signature.
Processes:
| resource |
|---|
| a251ab42e6336d564b858cdeefc2678b_JaffaCakes118 |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
lstrcpy
InitCommonControls
_cgo_panic
_cgo_topofstack
callbackTrampoline
commitHookTrampoline
compareTrampoline
crosscall2
doneTrampoline
rollbackHookTrampoline
stepTrampoline
updateHookTrampoline
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE