CancelDll
LoadDll
Behavioral task
behavioral1
Sample
730e646b09d9ebdea71ff000b08efd0f_JaffaCakes118.dll
Resource
win7-20240708-en
Target
730e646b09d9ebdea71ff000b08efd0f_JaffaCakes118
Size
4.1MB
MD5
730e646b09d9ebdea71ff000b08efd0f
SHA1
abb2edc9cb16bdd68e58e0932086ef8c64813e0b
SHA256
42a2347cb04c09d0aa2c8b6f5cee6d4463a3beaf817ecb4b50c71664f5fbb5a5
SHA512
225a8c0a4700bd17f7a71e2a17fcad10cde0f46ca786ae84e394f30d19473dc5444d2daf871793b9e69ea91c1d8554f5a77ca0db1e2377a2a1035f9fc17477ce
SSDEEP
3072:whw/3LS+ivqnBAhc+o8dcJS3ExkeUVEXO8O1:wy/LSYnZL8dcJS0ueUVz8O1
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
730e646b09d9ebdea71ff000b08efd0f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE