_LOADLIBRARY_DUMMY
_RunAs@16
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
1305725d8a1c83c0a58e70e19f6a0a67_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1305725d8a1c83c0a58e70e19f6a0a67_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Target
1305725d8a1c83c0a58e70e19f6a0a67_JaffaCakes118
Size
136KB
MD5
1305725d8a1c83c0a58e70e19f6a0a67
SHA1
b689a9498c40403109990b8c0f4c6c39a7c282b8
SHA256
f0558e10dc09f85ef23ef5b28b3be877e1973adb0bd475639ae3be71a8bca373
SHA512
f4641e2f32382c7bdb075d3cc0385847cdf8a59ca997c6978342140e39fdcfa5686ca2f600612de707130b6fc354c6ee380efd54c40a020503d3b907047c751f
SSDEEP
1536:ssVVVHum9qaUXIkqgOL9AkYGvbiQdcghUYjtK8fMJ/nouy8mKozzx:nVH9qFVkYiOUtk8fMFoutmKoz
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| 1305725d8a1c83c0a58e70e19f6a0a67_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
_LOADLIBRARY_DUMMY
_RunAs@16
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE