DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task: static1
Behavioral task: behavioral1
Sample: 34abc8b8137781c065dd24071dd8adf0_JaffaCakes118.dll
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 34abc8b8137781c065dd24071dd8adf0_JaffaCakes118.dll
Resource: win10v2004-20240709-en
Target: 34abc8b8137781c065dd24071dd8adf0_JaffaCakes118
Size: 47KB
MD5: 34abc8b8137781c065dd24071dd8adf0
SHA1: 4ea1ddad545c85a126b95eea6075a6cf973d3ea8
SHA256: d89c467f368864aad27ee27603e056c919d634e94f9ed59f0714b44e948de217
SHA512: 6024520c138d6026ae3639d52fe3f75e61e0f7f198a883518b92507812874eac8afc3eeac07a4f38b804be02da5e851d4acf58661ba7fca660d1959132d581d7
SSDEEP: 768:jyfbNuoBrwpv/gmF3HRlaQdJUkYKa0+hkUywf2YKHE1BRt80p:jyfsohwdgu38kYZNiUyweYKHkBRtx
Checks for missing Authenticode signature.
resource |
---|
34abc8b8137781c065dd24071dd8adf0_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
htons
connect
closesocket
socket
recv
send
ioctlsocket
WSAStartup
gethostbyname
LocalFree
LoadLibraryA
GetProcAddress
GetLastError
IsBadReadPtr
GetSystemInfo
WideCharToMultiByte
GetModuleHandleA
InterlockedDecrement
GetModuleFileNameA
GetCurrentProcess
lstrcpynA
CreateFileA
FlushInstructionCache
Sleep
CreateThread
wsprintfA
CallNextHookEx
CoCreateInstance
OleRun
SysAllocString
VariantClear
SysFreeString
GetErrorInfo
_strupr
??1type_info@@UAE@XZ
_strdup
_CxxThrowException
_adjust_fdiv
_initterm
_onexit
__dllonexit
strchr
atoi
free
isalpha
isdigit
realloc
malloc
wcslen
??2@YAPAXI@Z
sprintf
??3@YAXPAX@Z
__CxxFrameHandler
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ