DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
38fae1c1760612e2a99bdcaf2df88a85_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
38fae1c1760612e2a99bdcaf2df88a85_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
38fae1c1760612e2a99bdcaf2df88a85_JaffaCakes118
Size
52KB
MD5
38fae1c1760612e2a99bdcaf2df88a85
SHA1
c9e49496adbc7f771a7abe14f57857b697b3f3b7
SHA256
52013e6b7baafd563f334478fcd8d58c323d48e2a669e8254005c1f899bf22a1
SHA512
41d29f61d0a0a18a6d321da3592fce4167221eb99f2c37b7de8457cacce9aea8f2269637331f0050d04021644f2f3775e08eb9a36cb92cc9d576e7de6020e13f
SSDEEP
1536:kYzQit3teE2SW7rJYpq3x4EeSnFZmxAjnouy8:kYkMdVq7rJYk3mEeiTmxKout
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
Checks for missing Authenticode signature.
resource |
---|
38fae1c1760612e2a99bdcaf2df88a85_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE