CancelDll
LoadDll
Behavioral task
behavioral1
Sample
6770cdc898c782f68db82b2c44fbf7d8_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6770cdc898c782f68db82b2c44fbf7d8_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
6770cdc898c782f68db82b2c44fbf7d8_JaffaCakes118
Size
94KB
MD5
6770cdc898c782f68db82b2c44fbf7d8
SHA1
089f0ca5b53ab7f46dee35d3d5f92f13116a918c
SHA256
d50b80722418fdbd091d031db4da5f6dc7432fc912d29b510c989e4737bf572d
SHA512
3865b59c7a025e64a6ca7ff11727e1c7cc6d5b95d87e3dbabc3b4fb46ac3f3030cf9eedd695af37af6428a8353fd16e24e19203becb6b8595b295b6d08fe1b07
SSDEEP
1536:LmSQNbJE1vj8gDxkOLvtIXG16vAFsiab+neLpgJF7BeBQR:LmFty1L8gDyOLtUG4oFsiaIelgJVBeBG
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
6770cdc898c782f68db82b2c44fbf7d8_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE