ServiceRouteExA
StartServiceEx
StopServiceEx
Static task
static1
Behavioral task
behavioral1
Sample
2be3481523392be25417d28691deb227_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2be3481523392be25417d28691deb227_JaffaCakes118.dll
Resource
win10v2004-20240704-en
Target
2be3481523392be25417d28691deb227_JaffaCakes118
Size
17KB
MD5
2be3481523392be25417d28691deb227
SHA1
cfbe6a55e9f3e07e1d01b90a7461f7e0623cb197
SHA256
fa7a17fc23fb97f9c81d30532069c18f64aeb53de4a90feb251445d1e0b75a4d
SHA512
51f9cbac984c8af6c09a788b7e95652de57af07bf49b5a5fe824b208d6fd03f3243276e030aa9a8e33fd992cbd9f7d89636778eaab2b4cede2176bf08902cedb
SSDEEP
192:m7mFbyBrGv9OQMJcSQNzlPHO3aEZ27x5QhuBBQ6PRQkocOYPv9mCG:myF2Mv8QIufO3ybQhuBBQARQkjOYPv
Checks for missing Authenticode signature.
resource |
---|
2be3481523392be25417d28691deb227_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
gethostname
closesocket
RtlZeroMemory
memcmp
memcpy
strlen
strstr
VirtualProtectEx
InitializeCriticalSection
GetSystemDirectoryA
GetPrivateProfileStringA
GetLocalTime
WritePrivateProfileStringA
GetCommandLineA
lstrcpyA
lstrcmpiA
lstrcmpA
WaitForSingleObject
TerminateThread
Sleep
OutputDebugStringA
CloseHandle
CreateFileA
GetExitCodeThread
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
EnterCriticalSection
lstrcatA
lstrlenA
CreateThread
DeleteCriticalSection
LeaveCriticalSection
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA
ServiceRouteExA
StartServiceEx
StopServiceEx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.