DllCanUnloadNow
DllGetClassObject
Ponlgmk
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain
Behavioral task: behavioral1

field | value |
---|---|
Sample | 72e9cc185032f8c9fba871deb65e0f78_JaffaCakes118.dll |
Resource | win7-20240708-en |
Target | 72e9cc185032f8c9fba871deb65e0f78_JaffaCakes118 |
Size | 216KB |
MD5 | 72e9cc185032f8c9fba871deb65e0f78 |
SHA1 | 3df4168b91c376dfe3ce376c8921a98e1f818612 |
SHA256 | 0677be4c8ff2567c025538921f04380372ef953d3a03fea5459d7bbe59fe40dc |
SHA512 | 89d54d5ee7f6886e7429fe3d9425a122948a8edf311a013d5a8efb6180d3300b34b92d32fd6e9c67ac3510f9ceb0b46850aacb4d665cfdb250d37d7290955a9a |
SSDEEP | 6144:Xhrl1NWPLfVYF3xqEhNR7mYd+Y2oSgOgt:rjWjVymYotoSgb |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
72e9cc185032f8c9fba871deb65e0f78_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE