DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
4cd1d332d2f6e4a3eb7072be5c19c618_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4cd1d332d2f6e4a3eb7072be5c19c618_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
4cd1d332d2f6e4a3eb7072be5c19c618_JaffaCakes118
Size
167KB
MD5
4cd1d332d2f6e4a3eb7072be5c19c618
SHA1
4cc12f29e93b068e2db39f7a33319409aee99576
SHA256
04ab7b98b1b1c92482545f2ec33523dde3e369c894d9b552c62231cc3e0678ec
SHA512
020ff6857d2488b75859f029eb88d1b3e2807d727a951b7b4c4ecc9196e743e608e95863c929b558eb813afdd5265df7ffceb261b3cdf5a8c557857348befdf9
SSDEEP
3072:apoue6JBetB8D+ly+xLV6KCzE7fQ6haM:apzTBeQyxh6KCzE79
Checks for missing Authenticode signature.
resource |
---|
4cd1d332d2f6e4a3eb7072be5c19c618_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE