CancelDll
LoadDll
Behavioral task
behavioral1
Sample
895519a6624986f7a825deb892c216b1_JaffaCakes118.dll
Resource
win7-20240704-en
Target
895519a6624986f7a825deb892c216b1_JaffaCakes118
Size
97KB
MD5
895519a6624986f7a825deb892c216b1
SHA1
667a5b72a1aac36e63f9a40a5b62bff2cb540803
SHA256
95919167426e5ac966fd2cfa4f5d92b2a1881088088932b79d0e1fe721bab9b7
SHA512
e304f61421807e232a5c3ece2d057bb6c13378093e846570bd0a5987e9419c9840577aaa56ef87bb685995511ff56d74159cafde33dd23583a4ba0d8740e9aa3
SSDEEP
1536:QPHd2owFn+G5mAGHnWauh0ZD/KWGvISo/j3A7MJmRodpLodY:QP9hwdmPnWp0ZuWGvISobQ7MJBdp0dY
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
895519a6624986f7a825deb892c216b1_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE