AddReply
HandleEventHook
RegisterCallback
Behavioral task
behavioral1
Sample
40e1298ccd800f5b1be16df68856044d_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
40e1298ccd800f5b1be16df68856044d_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
40e1298ccd800f5b1be16df68856044d_JaffaCakes118
Size
299KB
MD5
40e1298ccd800f5b1be16df68856044d
SHA1
adf76eb9ace06a15abbdf697d48a62b60023df2f
SHA256
4c898da56d6ba93688ab354c5a3236f4b53caab865b9043af4da6d4489160ff6
SHA512
ecf420f1366c2e0493b42e048a27315feb94de2eb4d617ed34c161f171f841308069cfe9c15d2cb7ac14ad08c586753eb59ff51f50d3c379606ee4c9706b6f31
SSDEEP
6144:zcG0nJF1cNwPLvoqg0R2VhPefm0To3hIVzsozLwRDph0RAf14aH:I1JF1c2obY7YhiYoHabGo14C
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
resource |
---|
40e1298ccd800f5b1be16df68856044d_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
AddReply
HandleEventHook
RegisterCallback
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE