CancelDll
LoadDll
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
8e278af072cff8d5d1fccbbeb7fa7369_JaffaCakes118.dll
Resource
win7-20240704-en
Target
8e278af072cff8d5d1fccbbeb7fa7369_JaffaCakes118
Size
108KB
MD5
8e278af072cff8d5d1fccbbeb7fa7369
SHA1
5ce8a986226188b5a6aaf9cf9dd652eb50074aaf
SHA256
94c4fa2a80c2e615e0e58301bc4820a830bc64b087fb60f400bd53e1da579c3b
SHA512
d3e7550588800bf2a426df9e3b1a4aef2a03db5f44fdcf6731cb0317e16ae506ff4133c9af15f86c3986d63663a2f5389dc6ebf8784c89350f0c7b4572e3af76
SSDEEP
3072:0RBNXdAK87xbMdlMmxKf2vLhrLtSO8VIqqKMI6+Tn:0RBBdBibMdOSKf2TtRF8VIOMF+j
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
8e278af072cff8d5d1fccbbeb7fa7369_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE