CancelDll
LoadDll
Behavioral task
behavioral1
Sample
24dd48c5a8b08470064aafd2c2fbf527_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
24dd48c5a8b08470064aafd2c2fbf527_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
24dd48c5a8b08470064aafd2c2fbf527_JaffaCakes118
Size
111KB
MD5
24dd48c5a8b08470064aafd2c2fbf527
SHA1
b652a6e782055364721d57ac7eb8d0c4e90e99c2
SHA256
25190a99928a68308ca63a81d8414e3bd7d2c202eb640024f1d64a54843f9359
SHA512
b5ba161fc8fcb3c90e1e8bc5a48a9608917018d3904021b6c94b290761ca1597229f491f78fbf4f0c4cdcbe4bb1f8b3535c913957991712e89c883a188464c81
SSDEEP
3072:LmFty1L8gDyOT1d+IMojmojkReV9oSN2w:LUty1Fy8+cjmekU
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
24dd48c5a8b08470064aafd2c2fbf527_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE