DllMain
fltInfo
fltLoad
fltSave
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
056086178f890f470e453cbcc9747db4_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
056086178f890f470e453cbcc9747db4_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
056086178f890f470e453cbcc9747db4_JaffaCakes118
Size
43KB
MD5
056086178f890f470e453cbcc9747db4
SHA1
5f23e2fedb277f4ea75f9e61fbba9782658caabb
SHA256
cbbfd08cab08f6b71d865421bcbbcfdfb52db944582a7fd6f174ac74a1494a80
SHA512
b2f19e06504884517fcad8a4719d6210386d4271b72c61d57f55bd14efcec6a82a4349a72fedf67115bd36f942eae88eb5137418b7b9fde7e2d6c4557851ab71
SSDEEP
768:enEwgbnNKirMgnV5/oRAHRasXuC7fGKELfDzGFhno68Lno4dc3BxVha51x:enEdbnoGMgVym3uC7bS2boR7oac3X8x
| resource | yara_rule |
|---|---|
| sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
| resource |
|---|
| 056086178f890f470e453cbcc9747db4_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllMain
fltInfo
fltLoad
fltSave
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE