CancelDll
LoadDll
Behavioral task
behavioral1
Sample
2dc8942e3e67043f9390b43bad3b3a80_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2dc8942e3e67043f9390b43bad3b3a80_JaffaCakes118.dll
Resource
win10v2004-20240704-en
Target
2dc8942e3e67043f9390b43bad3b3a80_JaffaCakes118
Size
100KB
MD5
2dc8942e3e67043f9390b43bad3b3a80
SHA1
122b5f8260a6bd540c2be7c3974f028ac22be2f4
SHA256
508a5a6a3578f6cbc04c6eaca9ba9cf399cfd74b76027ce2f92193a562d2c702
SHA512
b594ae47d59df5dd4254b75efae8b9d65f4285a9ae9b0929d0721c020270e026b318a5768ba2a9b6f3b043d6256a73f2c508f20c0422ef758b90061e8993d05d
SSDEEP
1536:pySXN/9GhFgVhQgN4+pLp5/K7VJxWH5EQoJt1BsyoePmdpwixH8:pymhYhCqgNzpLfKDxW5EXjBOpTxH8
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
2dc8942e3e67043f9390b43bad3b3a80_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE