CancelDll
LoadDll
Behavioral task
behavioral1
Sample
a0c6ec522ecd51640bef78c15f3cf568_JaffaCakes118.dll
Resource
win7-20240705-en
Target
a0c6ec522ecd51640bef78c15f3cf568_JaffaCakes118
Size
98KB
MD5
a0c6ec522ecd51640bef78c15f3cf568
SHA1
a398f930ac60ce6805bd764a9ae136ac0a7816e3
SHA256
3f8bb4e14232053397f99ef7795f8b5f6618b6046fb20473ccd8e80b174fa333
SHA512
91075f3d7a7f9d29853e7e054fd7abbeefc180847ec64a1e83be8ce3a86d1207767c33ae534985cd6b7f2add567eafb8976397db762866099bb378865ec5a218
SSDEEP
1536:DjMKODJPutB+69AmJMAcN/eN7a0Zwi8lhHAU/g0rq6MmWZNSshp:+MBpAmCFNGNO0R8ldLg0RFIjb
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a0c6ec522ecd51640bef78c15f3cf568_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE