EndWork
Level
MainCode
MainService
Runing
Static task
static1
Behavioral task
behavioral1
Sample
147ae9943cd9ebc8abd76ed16d65c0b0_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
147ae9943cd9ebc8abd76ed16d65c0b0_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
147ae9943cd9ebc8abd76ed16d65c0b0_JaffaCakes118
Size
11.5MB
MD5
147ae9943cd9ebc8abd76ed16d65c0b0
SHA1
89b9cd11b11b05507b5eb3f70c647c8cd0771880
SHA256
369f10fb7385b5825a02bce3db690f2a2ab2968437dec89c285161f99b261914
SHA512
e433dfc25231421d160fa7b9c3ac5f2427a4c6f7608f1556e3c6a08346be5feaf825598eed7b7d83527f0715531dec225160f898ecf8f7335ee6f94c942d0622
SSDEEP
3072:gnhYWXXnW5Jz0KnqsIAhNBkAydflKG333333333333333333333333333333333v:gn6WXXn6B1qN8fkzz
Checks for missing Authenticode signature.
resource |
---|
147ae9943cd9ebc8abd76ed16d65c0b0_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetProcAddress
LoadLibraryA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
lstrcpyA
SetEvent
CancelIo
Sleep
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrlenA
FreeLibrary
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
GetFileSize
ReadFile
SetFilePointer
MoveFileA
lstrcatA
CreateProcessA
CreateThread
TerminateThread
InterlockedExchange
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetTickCount
WriteFile
CreateFileA
GetLocalTime
HeapFree
GetProcessHeap
OutputDebugStringA
HeapAlloc
UnmapViewOfFile
GetModuleHandleA
VirtualFree
VirtualAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
PeekNamedPipe
WaitForMultipleObjects
LocalSize
TerminateProcess
OpenProcess
GetCurrentThreadId
GlobalMemoryStatus
GetSystemInfo
GetComputerNameA
GetVersionExA
OpenEventA
SetErrorMode
GetCurrentProcess
GetWindowsDirectoryA
SetFileAttributesA
CopyFileA
ExpandEnvironmentStringsA
GetModuleFileNameA
RaiseException
memset
??2@YAPAXI@Z
memcmp
free
malloc
_except_handler3
strcmp
sprintf
strcpy
strrchr
puts
strcat
__CxxFrameHandler
_beginthreadex
atoi
wcstombs
rand
_access
srand
calloc
_initterm
_adjust_fdiv
strstr
strlen
_ftol
ceil
memmove
strncpy
memcpy
??3@YAXPAX@Z
_strrev
_stricmp
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ