SetHooks
UnHook
Static task
static1
Behavioral task
behavioral1
Sample
667eb94b9cfba3e7754422bf4d055b64_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
667eb94b9cfba3e7754422bf4d055b64_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
667eb94b9cfba3e7754422bf4d055b64_JaffaCakes118
Size
20KB
MD5
667eb94b9cfba3e7754422bf4d055b64
SHA1
4ac0f313acfd419762d5b451f8564e8e9877d791
SHA256
e0b91e140ffc9cd6df6a95e24829c1db3042a6bb98321b3ad64ce9025edd326b
SHA512
dc9be514c18c532ce7337370d2954d5311c89f87daafe4e645e23ea341c5602eb3ffa07c113651273b5f89c865fb17c34f1ee90054b9e17468a68a08c3ae4bb0
SSDEEP
48:qWyjFXAQJHHodcVnugya//QgTgXo4oZnxo9chVmVQSRSyrNjC/YqkhGqwGeXnV:ZyBounu5aXd04PJ6YYVk1nknLk
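Checks for a missing Authenticode signature; the resource listed below is reported as unsigned. An absent signature is a weak indicator on its own and is best weighed together with the imports and exports listed further down.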
| resource |
|---|
| 667eb94b9cfba3e7754422bf4d055b64_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
lstrcpyA
lstrcatA
GetSystemDirectoryA
SetFileAttributesA
_lclose
_lcreat
_lopen
CloseHandle
WriteFile
lstrlenA
SetFilePointer
CreateFileA
GetTimeFormatA
GetDateFormatA
SetWindowsHookExA
GetKeyNameTextA
GetKeyboardState
ToAscii
CallNextHookEx
SendMessageA
GetForegroundWindow
strcmp
_strupr
strtok
strstr
fopen
fgets
strcspn
??2@YAPAXI@Z
fclose
SetHooks
UnHook
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ