PrivateMasters
c_islower
c_ispunct
careadlinkatcwd
find_executable
fixup_null_alloc
npgettext_aux
rpl_stat
sigemptyset
xreadlink
Static task: static1

Behavioral task: behavioral1
Sample: 282c47c5dd4b73d928a5820848d6ff24_JaffaCakes118.dll
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 282c47c5dd4b73d928a5820848d6ff24_JaffaCakes118.dll
Resource: win10v2004-20240704-en
Target: 282c47c5dd4b73d928a5820848d6ff24_JaffaCakes118
Size: 3.2MB
MD5: 282c47c5dd4b73d928a5820848d6ff24
SHA1: bf408846a3585993dcad044f2122417089c5074b
SHA256: db5519dc5cef09652e918a2c105fc40191c5d35b719ffa6bfefb3ee8d89f2211
SHA512: ec5ebf8dccac149f54e8f7c0efc39c8b0c22938cd2da6baab26d2ffd0f25f310cd5bf5cf704eba68847df2cecbfeba6933be65dd1f9ec54ff8adc3a3f34b0e8f
SSDEEP: 49152:oDVFQdCRxlST2a0MtR3DTZ7r4iqkAsdotN5GNP+NCu8kw/j/b5Ye/Q8B/+QRemj1:1kX9a0Mr31AsdOPJNYkbCBml
Checks for missing Authenticode signature.
resource |
---|
282c47c5dd4b73d928a5820848d6ff24_JaffaCakes118 |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CoTaskMemRealloc
CoAllowSetForegroundWindow
DeleteCriticalSection
CloseHandle
FindFirstChangeNotificationA
SetFileApisToANSI
CreateFileMappingW
LocalAlloc
DeleteFileW
EnterCriticalSection
ReadFileEx
LocalLock
GetComputerNameExW
CreateJobObjectA
LocalHandle
CreateEventA
WideCharToMultiByte
TlsSetValue
WriteFile
ClearCommBreak
GetCurrencyFormatA
FormatMessageA
VirtualFree
SetCommBreak
SetEvent
FindCloseChangeNotification
SetInformationJobObject
GetCommandLineW
LocalFree
ResetEvent
CreateFileW
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
GetTimeZoneInformation
GetProcessHeap
SetEndOfFile
GetDriveTypeW
GetStringTypeW
LCMapStringW
RtlUnwind
GetLastError
SetLastError
SystemTimeToFileTime
GetSystemTime
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InterlockedCompareExchange
TlsAlloc
TlsGetValue
TlsFree
GetCurrentThreadId
InterlockedExchangeAdd
DeleteFiber
SwitchToFiber
CreateFiber
FindNextFileW
FindFirstFileW
MultiByteToWideChar
FindClose
GetProcAddress
GetModuleHandleW
GetVersion
GetFileType
GetStdHandle
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetCommandLineA
RaiseException
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
ExitProcess
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameW
Sleep
HeapSize
SetHandleCount
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
GetCurrentDirectoryW
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
GetDlgCtrlID
ShowWindow
DestroyCursor
RedrawWindow
GetDlgItem
InvalidateRect
SetWindowLongA
GetWindowTextA
GetMenu
SendMessageA
SetMenu
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
EndPath
BeginPath
PolyPolygon
PolyBezier
CreatePen
SetPolyFillMode
Polygon
SelectClipPath
CryptSignHashW
ReportEventW
RegisterEventSourceW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CryptEnumProvidersW
LsaFreeMemory
RegSetValueExW
SetUserFileEncryptionKey
BackupEventLogW
FreeSid
AllocateAndInitializeSid
LsaClose
RegQueryValueExW
LsaAddAccountRights
FlushTraceW
CopySid
EncryptionDisable
GetKernelObjectSecurity
LsaEnumerateAccountRights
LsaOpenPolicy
ConvertStringSidToSidA
SetThreadToken
PrivilegedServiceAuditAlarmA
CryptDestroyKey
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDestroyHash
DeregisterEventSource
CryptSetHashParam
CryptCreateHash
CryptDecrypt
send
WSASetLastError
recv
WSAGetLastError
WSACleanup
closesocket
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertCloseStore
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ