CancelDll
LoadDll
Behavioral task
behavioral1
Sample
366508fbcaec3b8604a34bfe350b348c_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
366508fbcaec3b8604a34bfe350b348c_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
366508fbcaec3b8604a34bfe350b348c_JaffaCakes118
Size
91KB
MD5
366508fbcaec3b8604a34bfe350b348c
SHA1
2d0ea3bac134b8dd81b72e923f42919278929d9b
SHA256
3b431a0e63f9edb5edb6e0d419b309487833bbcff467c8a075d90702d3884ec7
SHA512
1600056b17265a4b412526cfb36b55c426532cc17334ae25fc7482987dfccfc0ee7df35c3b85a23826fa7875d581605d60de681e30b8765145e5267bd32ac1fe
SSDEEP
1536:jpSyrn1CZZV1ErUuXippOn/gtbzMaofbuPgpjIti9wVaPQvC6X91eL:gyLSzErUuy6n/W6lpjIE9w0E1+
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
366508fbcaec3b8604a34bfe350b348c_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE