CancelDll
LoadDll
Behavioral task
behavioral1
Sample
832648e7695556a5ab4a64123f6a8504_JaffaCakes118.dll
Resource
win7-20240729-en
Target
832648e7695556a5ab4a64123f6a8504_JaffaCakes118
Size
84KB
MD5
832648e7695556a5ab4a64123f6a8504
SHA1
578daf29ca9cf1d1e31f921b7ac4cdb92ee89356
SHA256
21765d8e8f9f8a6fdbbb7aa346500bc635757ed11e0a0629fe1f29e24a4b2cea
SHA512
8bfec77437e83161cd26704ffdbe18c38e88039888a30092b70f0b7b056dc783c3dcc72e7ceb256edd69e624166662659e925089cab0e44882429a9f7622c361
SSDEEP
1536:6MG5swHfatiJPRuuAPPEeLMkmhZzD+UNtBm7WoH:XEHfOiJp+XykACcvmyoH
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
832648e7695556a5ab4a64123f6a8504_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE