DllMain
xInstall
xUninstall
Static task
static1
Behavioral task
behavioral1
Sample
71d326ea0f0f9b64fa07d0e0eec9cfbd_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
71d326ea0f0f9b64fa07d0e0eec9cfbd_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
71d326ea0f0f9b64fa07d0e0eec9cfbd_JaffaCakes118
Size
18KB
MD5
71d326ea0f0f9b64fa07d0e0eec9cfbd
SHA1
0f01703df0cf2ec722c7cf9f6f2994db7fe65da4
SHA256
c757569f3870723b215802bd1ec5ec430c34012d1912ec093a61820bea289565
SHA512
463fbd9ce3c3554bbc1886bbe78017a8efa4d6e95c63264f3c94f9a7505059a22a13e854656629400f2b0cb6dd17dcfb922b4972973d218f496aaecb50651058
SSDEEP
384:gkDARt3mmfD2MLNwh5VHyoccyzl/e+SvysAAg:gkUf372MQCo/UW+Svysz
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
Checks for missing Authenticode signature.
resource |
---|
71d326ea0f0f9b64fa07d0e0eec9cfbd_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllMain
xInstall
xUninstall
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE