InstallService
ServiceMain
UninstallService
installA
uninstallA
Static task
static1
Behavioral task
behavioral1
Sample
6510cee34da30c7ef5e5e39980402257_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6510cee34da30c7ef5e5e39980402257_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
6510cee34da30c7ef5e5e39980402257_JaffaCakes118
Size
17KB
MD5
6510cee34da30c7ef5e5e39980402257
SHA1
5069d27e6e13431d82dd88ab32a40d9420b7e57d
SHA256
e94717fcd6f21d121cbb128feec269cc6b82b7c36b224ae04d67ea3713442927
SHA512
b29d4ff5c5eb6b4f75fe221c85e9a0fe9414e83ee2308de7e09fc595b56ca3e6364930dc63588ceef6887e7f1e8536b3c51a36a37c2ac2df74f2744b95a9c0ca
SSDEEP
384:9wp91p98TpoewddqXOddqXNKOdyv6guvI7qSHyELu6JAH/:9wp91p9YoeHV8OdyyJA9HyELC
Checks for missing Authenticode signature.
resource |
---|
6510cee34da30c7ef5e5e39980402257_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetWindowsDirectoryA
GetLongPathNameA
WinExec
Sleep
GetModuleFileNameA
RegOpenKeyExA
SetServiceStatus
OpenSCManagerA
LockServiceDatabase
OpenServiceA
ChangeServiceConfigA
RegisterServiceCtrlHandlerA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
CloseServiceHandle
UnlockServiceDatabase
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
_adjust_fdiv
malloc
_initterm
free
sprintf
memset
wcstombs
strncpy
atoi
fclose
fflush
??3@YAXPAX@Z
fwrite
fopen
strrchr
strcat
??2@YAPAXI@Z
atol
sscanf
strstr
strlen
strcpy
InstallService
ServiceMain
UninstallService
installA
uninstallA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ