CancelDll
LoadDll
Behavioral task
behavioral1
Sample
5b905311fadd1b36b8e51878c029fc1e_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5b905311fadd1b36b8e51878c029fc1e_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
5b905311fadd1b36b8e51878c029fc1e_JaffaCakes118
Size
92KB
MD5
5b905311fadd1b36b8e51878c029fc1e
SHA1
40912eb51fe926770c47aed157401ca127d05ed1
SHA256
6d7b07dc2be3c5eecc3c4ab144fe4ad2eb9551cfceb4b49a7a855bbd30b81bf2
SHA512
f63caf49aeff6bfddeb3903828f41d7edb5216ec43dbb5410182720b52d4a8538d5b4eb010815a046116102106b9d1871331f58896952451c20da459e3cac65a
SSDEEP
1536:Jj3lafACV9qgjasHzYYAjDQPGWwEL+0x4rYbKAyMUf4:7RCVcAHzYRjDQeWLL+0ZbtW4
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
5b905311fadd1b36b8e51878c029fc1e_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE