CancelDll
LoadDll
Behavioral task
behavioral1
Sample
70dc1f43f2bdf1d001590651ad726a20_JaffaCakes118.dll
Resource
win7-20240708-en
Target
70dc1f43f2bdf1d001590651ad726a20_JaffaCakes118
Size
103KB
MD5
70dc1f43f2bdf1d001590651ad726a20
SHA1
063a1c919e68a99f3401953ae454de322913e481
SHA256
41e7af10de35e6259ca4e9cdcb073a0cd557ccc0f9e733ac65b2da2f16e50395
SHA512
e1ae8a1fe885cbaed65aad6638fd6829b51e3d473666926297877f1f0a72a73e7d2ff4dada6a816a7edc6b5b17d37bb62709c47f8c98f0781633703473d7624e
SSDEEP
1536:e8/mATyLDMEsXTzObNAbS0zdMBD5+SF5M9PFGG0XwQ0s5L1ABNUZS:YwgIEcOl0SBD5xFyTIh1ABuw
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
70dc1f43f2bdf1d001590651ad726a20_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE