DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
0fa5e433c7a457c9a05a51ebbd7d99e4_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0fa5e433c7a457c9a05a51ebbd7d99e4_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
0fa5e433c7a457c9a05a51ebbd7d99e4_JaffaCakes118
Size
90KB
MD5
0fa5e433c7a457c9a05a51ebbd7d99e4
SHA1
e30b640db9b4453956ae1e1c32e036cf5091b291
SHA256
bdd39891dcc214b5ed5b89d40eaa84ad834a693e4adf2fef411952e4b8402a69
SHA512
6cac66a3c64f3cc2cfbc644092078cca1512cae7d2581efe9a21b1ad953a1192745a70e82a173cdd5e4a3a6254568649bc589359452ecd09272d2bc3a13bd24d
SSDEEP
1536:13nRc93e7Ogv6PVMU9B/YAAIHBFG/uOmPC+psXNofdbwohzuy/1w64eYAA:5n+3vgv6txB/9Ac/P7J1Nuy/1w64e9A
Checks for missing Authenticode signature.
resource |
---|
0fa5e433c7a457c9a05a51ebbd7d99e4_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE