DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
049e27dfd2b583e8ac25e8de3ac28498_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
049e27dfd2b583e8ac25e8de3ac28498_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
049e27dfd2b583e8ac25e8de3ac28498_JaffaCakes118
Size
189KB
MD5
049e27dfd2b583e8ac25e8de3ac28498
SHA1
430d33c1d91c141933cc720fa55258e432b6e4a0
SHA256
d11022e0aa9793ba109f636ca11375dc304bb225508ce0dde72bd3147765b0de
SHA512
29086fc5ce720c85ac066c2e3b4b53cd9f7df727993325216149628c1a30044c82b894876168e13608241601fa8fbc7b8295df0a4644d697175899f9cabb0af9
SSDEEP
3072:roZeySYi97bbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7PUurCQEhxFyVU7E:rOAYidwvP6bQ7yMP+DE827s0CQE8274X
| resource | yara_rule |
|---|---|
| sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
| resource |
|---|
| 049e27dfd2b583e8ac25e8de3ac28498_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE