CancelDll
LoadDll
Behavioral task
behavioral1
Sample
336dd843395fa77a5cacf50d0f709472_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
336dd843395fa77a5cacf50d0f709472_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
336dd843395fa77a5cacf50d0f709472_JaffaCakes118
Size
101KB
MD5
336dd843395fa77a5cacf50d0f709472
SHA1
acf3ae54cbece0df5821b10c755727a39e6659c8
SHA256
0441375f09b84aedeb88d10ce74d08fc0b045fb3c014f20484ce9a6a0218543a
SHA512
cc35166aaadbee78ea8429304207974fff89091a30b6e91f21da2b0812cf19cab72f1ab74a5ea0048e1098a2f223a9a71967160656904fd2e91a29039af410d1
SSDEEP
1536:AnSIWWZU3mEoVYtkiAebKuFIta1j87qa228MArwl8L:ZF3mEg4kiAebKZa1Imx2Yrwlu
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
336dd843395fa77a5cacf50d0f709472_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE