CancelDll
LoadDll
Behavioral task
behavioral1
Sample
8ae2c48f779bf70b9d3a2fe91a048740_JaffaCakes118.dll
Resource
win7-20240708-en
Target
8ae2c48f779bf70b9d3a2fe91a048740_JaffaCakes118
Size
96KB
MD5
8ae2c48f779bf70b9d3a2fe91a048740
SHA1
324725ce7b5b95f2e643dfd48c026293d4114eaa
SHA256
976be7b385e2214cd3bde0114e2eda561b2dca6c3399f43e340d0199cae0dd9d
SHA512
59fba7c6eedae2078af861090597c4bcab51f98689ed49a0728e2cc6c8e657f3da06efdb8d51f0c15f3b6b038647cecf7f7163bc6fa6857fcce6076a869b442f
SSDEEP
1536:qWNTI2j7IGPmy5guIRpbj/5V9rMbiWyhOsUXQZ3tTEjHDAGiR8V:qWNTHTey5HCRjj9DNFUXQZ3hAjAfWV
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
8ae2c48f779bf70b9d3a2fe91a048740_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE