CancelDll
LoadDll
Behavioral task
behavioral1
Sample
1a238f29a84276eaf6112d66f08e238f_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1a238f29a84276eaf6112d66f08e238f_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
1a238f29a84276eaf6112d66f08e238f_JaffaCakes118
Size
6.4MB
MD5
1a238f29a84276eaf6112d66f08e238f
SHA1
bd381544655b31be394feecc87cfcaee64b05a3e
SHA256
11b76d940d0bed5d0a0ea761d4258a572881702a48a987af79ba514a4116dcd6
SHA512
d0e52e7bcfe8f95c90843a479c632b92bfb7bd0500bad1cac2e586591efca67dcc454e38d21fa2fb9bb0d231eb2347ab7de6186432f9806d360c953aa57eb312
SSDEEP
1536:OQvJIzBVpeR6fG3IbTHo79oAz9ig7zVNAIDo0Y4/a0/bJCu6l4q+lQ23Ig8:OQOiR6fGSTiXzwg7z/AAoP4C6CF83Ig8
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
1a238f29a84276eaf6112d66f08e238f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE