DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
0003572d22ee56ee0f0f88b0aded1358_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0003572d22ee56ee0f0f88b0aded1358_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
0003572d22ee56ee0f0f88b0aded1358_JaffaCakes118
Size
21KB
MD5
0003572d22ee56ee0f0f88b0aded1358
SHA1
87ef9aa434c8551741f1b72b96b2a221ec705998
SHA256
00599923cca36b3469b08d403621cd12e32bb306707289415a855aad22712998
SHA512
47ad5d8a25640bb0e477301c64d8d0686fa8030f43ee3686117a874b08bc570177cad0817157f2aad89541d98b9a97f7e3c679998c649c19cdaebeb1a2c10e00
SSDEEP
384:3spdjjEwsYfdeUmkT9vUGyKdv6IbU8DT9buEcZlcce3PywH0X:KjdsmdeudUlmV9kEcZlViPy4y
Checks for missing Authenticode signature.
Processes:
resource |
---|
0003572d22ee56ee0f0f88b0aded1358_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE