ChangeMe
DllRegisterServer
RegisLongers
Behavioral task
behavioral1
Sample
0b2e1427ca06c6bf5661665b0f5ac4db_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0b2e1427ca06c6bf5661665b0f5ac4db_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
0b2e1427ca06c6bf5661665b0f5ac4db_JaffaCakes118
Size
664KB
MD5
0b2e1427ca06c6bf5661665b0f5ac4db
SHA1
c4af4eab7a77c10ec1019fffee6f01a60c406fda
SHA256
64e35c66f8238152a079cc29d3eb8d62600badbb57f309b2914ad8103ad7ed79
SHA512
81edf964886a3ea1066efc77691c28a1ddbc542842ad1f213738d11a79b625eb79bf549ff7f31b5f588bb0c34eb781dd0ec60100f6d15ff22e652c2fb9480544
SSDEEP
12288:2si5g4y9f2QPRmxiDozjLst4kY/P5+YuaVaYlIALrDbzeZ5ea4HMn:2mxFT4jP5+titlJrDWx4i
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
resource |
---|
0b2e1427ca06c6bf5661665b0f5ac4db_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
ChangeMe
DllRegisterServer
RegisLongers
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE