DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Behavioral task
behavioral1
Sample
63ecba6cf697b5310160ff0bb28294c9_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
63ecba6cf697b5310160ff0bb28294c9_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
63ecba6cf697b5310160ff0bb28294c9_JaffaCakes118
Size
169KB
MD5
63ecba6cf697b5310160ff0bb28294c9
SHA1
202a7841f9ecbbe8ca3df35f85dc522672c534d3
SHA256
3dd44f8ff0f81e52ec65ba5c9745b836b1fa0ec1c9726501172f5cd5f5721aab
SHA512
6b49c8c908cec5bc0fce52a33f40903b231b8b23bd5e87a9b54f1c2f7d7fcc9be843868f58ae961eab39b28aaebc42ae3dde8f8d6bfdd5755be1553139b5c763
SSDEEP
3072:q4e+u+R98G+smbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7WCAEhxFyVU70:Hc9wvP6bQ7yMP+DE827aE827xyLc8
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
resource |
---|
63ecba6cf697b5310160ff0bb28294c9_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE