CancelDll
LoadDll
Behavioral task
behavioral1
Sample
738e5b69e7b75f7105d2d3831951468d_JaffaCakes118.dll
Resource
win7-20240705-en
Target
738e5b69e7b75f7105d2d3831951468d_JaffaCakes118
Size
92KB
MD5
738e5b69e7b75f7105d2d3831951468d
SHA1
3212539b02d55e798587ce073e5066f71a64f357
SHA256
24bc5b3ccd3f939de6a38be044d462c97d5312fa3a279cd953ce61be27ee3c3b
SHA512
ae0492411b2f52c399d17f076f04fc2e693dbc045d4cb7e3f47f213185a96149533c61103f8bbd90b38375f12b17223c99d95a8d677f9d1ddd47daac6180b98e
SSDEEP
768:y3rZEz6fbtEsnyM/tFz0mKEG2GO/fTspfghAJBIBSXHUOcS7KgQrUvdGF3v9nnAJ:kFjbtlR0g+MA0mmMKUs7lVOi1DsSH2Tn
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
738e5b69e7b75f7105d2d3831951468d_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE