DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
0bf08bccacd533bc2cf35b1254a47a56_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0bf08bccacd533bc2cf35b1254a47a56_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
0bf08bccacd533bc2cf35b1254a47a56_JaffaCakes118
Size
93KB
MD5
0bf08bccacd533bc2cf35b1254a47a56
SHA1
58ed02f890d210fb5141773fceffad466e44a9a4
SHA256
cef371aafad24e898ec9b9c3beebb0f7fe978195ef804623f621bf1ebc205209
SHA512
c4d54943ee6daa638287b7c980783fa95478d0ba7158329533e7d09b74cc6a31e9ccf558a5b39af96981a9cf1526600ca7bd4baa0865783bce76d5fc2b070b5b
SSDEEP
1536:P10uPsV0OPG4dZxW8wXqOwXyrjB/cT34BmfhMt+ZVxaALp7rXv+dWXOWbsdkV:P10MmFYjB/jIfxVDLp+dYOfkV
Checks for missing Authenticode signature.
resource |
---|
0bf08bccacd533bc2cf35b1254a47a56_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ord6467
_except_handler3
IsCharAlphaNumericA
RegDeleteKeyA
CoTaskMemFree
VariantClear
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE