StartHook
wulinOff
wulinOn
Static task
static1
Behavioral task
behavioral1
Sample
2f743049b932cf0e3f3e9e2ac9076b62_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2f743049b932cf0e3f3e9e2ac9076b62_JaffaCakes118.dll
Resource
win10v2004-20240704-en
Target
2f743049b932cf0e3f3e9e2ac9076b62_JaffaCakes118
Size
46KB
MD5
2f743049b932cf0e3f3e9e2ac9076b62
SHA1
43f3e68478c635fa76c0292b7e51f2feadfa45da
SHA256
4febc1fa71085230269e0f7c71a52460863e1bbecd78fcecd614cc02e4e8c6a2
SHA512
fbfd5d09ec517cb61e0380d430e984eefe1ee3fd8c2a03af54d078bc7d6f0e6260ce8f6594c76c9e06aa5819d211bba85d192e561c52a32a5aff754f84e58cec
SSDEEP
768:Dy5qsmQHqwywCNtI+GvCAmw99RUSnDtl1ecKqrbfQTxsw4Ot3fmuzr/r8x:25qsmQHgNuDvCKRJecKuU9J5eQr/Yx
Checks for missing Authenticode signature.
resource |
---|
2f743049b932cf0e3f3e9e2ac9076b62_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
StartHook
wulinOff
wulinOn
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ