CancelDll
LoadDll
Behavioral task
behavioral1
Sample
86c26cd2c3a05ba7a4d0e789c350648d_JaffaCakes118.dll
Resource
win7-20240729-en
Target
86c26cd2c3a05ba7a4d0e789c350648d_JaffaCakes118
Size
111KB
MD5
86c26cd2c3a05ba7a4d0e789c350648d
SHA1
679530a9a2c5a4094be2cb600e52e708944320d3
SHA256
ddaf585d681c2ff88c9c2d36b7e44d251104a855c904ce9c5474d9e92319886b
SHA512
3cb469e7340de4a31f1059150a072fc47765972f32765dccabdd7623353062980ac4eb7b6c661fcdd320efdf08e20aab75226798a21222d2df7d458c9b1acac5
SSDEEP
1536:e8/mATyLDMEsXTzObs7FHONYMqqapgwihvO7gcEGpKatiHXPEaPfsOTfG+l9u:YwgIEcOAhKYMk6zhvO7gRGUatp6ftfGb
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
86c26cd2c3a05ba7a4d0e789c350648d_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE