DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
6957b84a5fc84f0d783fcd3d5c2ef751_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
6957b84a5fc84f0d783fcd3d5c2ef751_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
6957b84a5fc84f0d783fcd3d5c2ef751_JaffaCakes118
Size
158KB
MD5
6957b84a5fc84f0d783fcd3d5c2ef751
SHA1
31413a48b31a79fe9504ae38d48521fb64b2aeac
SHA256
8d357b2b8be19b0b3439c82e63ce9280390a3979dd21e105d3d99a47284de4be
SHA512
14717c92abbfae9be57b38c4fc3e5a0d2b0bf9797e810ae4ee475149640c1777bab4f5cebd1fe6856f251b43d2198f3135e55770bdfeb0dcc9dd2ae24bd70ef1
SSDEEP
1536:5iYgBnoEIjAiIm/fnZpT5KXmvx4apEvWlcWq4UpVCzMg9xOr:5iY6oZjj/ZptKs4cEYR68zMgQ
Checks for missing Authenticode signature.
resource |
---|
6957b84a5fc84f0d783fcd3d5c2ef751_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE