DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
02435db34a379161d61476d386c19068_JaffaCakes118.dll
Resource
win7-20240508-en
Target
02435db34a379161d61476d386c19068_JaffaCakes118
Size
118KB
MD5
02435db34a379161d61476d386c19068
SHA1
d32dd9201b9ecf673a3ddf2bcfbfb1847d54bafc
SHA256
53e8e812ccd312f44e12528725d7e937c52d12060b53dc0e3367e8d7f02c34bc
SHA512
1e55ad835c4ca0c2798bb1c074cd3d0a84e06f0c6308bfe81ebed3ca0c0452519e5c42918033ed0749b1f78b8bbdb153929bdcdd0897a7913aebca8fb3ad5fbf
SSDEEP
3072:IVRaNBTlghjl+1aQCJn4uaq63ExLJWo6Qzdn10c3r6cyWTV:WRaNLg+klJn4rOSo6Qzdn1xucFV
Checks for missing Authenticode signature.
| resource |
|---|
| 02435db34a379161d61476d386c19068_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetProcAddress
LoadLibraryA
RegQueryValueExA
StrRChrA
URLDownloadToCacheFileA
RpcStringFreeA
EnumThreadWindows
VariantClear
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE