CancelDll
LoadDll
Behavioral task
behavioral1
Sample
69438d0950c1ccd66d9725f11312c3ac_JaffaCakes118.dll
Resource
win7-20240708-en
Target
69438d0950c1ccd66d9725f11312c3ac_JaffaCakes118
Size
127KB
MD5
69438d0950c1ccd66d9725f11312c3ac
SHA1
a8726c6eeecfdade3d51227ee0051ca2468fb75a
SHA256
d791d0c289b3002551aed092f2112762953258b7d03656a4fb8e7955ba5246a0
SHA512
87115c7a61814eda4c9cdb2bb3e7619ec8f796be0f93233da8170d61f1ca18ac37bc0cc449576e609b3ead9bafd8a3c760d8ade4aff36e523cabca66b27284a8
SSDEEP
3072:l9L1xm6hpbVcYA8DRRprg+tC+tH4QGoQJxl15T:hnhppDAWtC2HrGoQJxl1N
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
69438d0950c1ccd66d9725f11312c3ac_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE