Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start
Behavioral task
behavioral1
Sample
a11c14a1a625e6f63b23ca932706fe65_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a11c14a1a625e6f63b23ca932706fe65_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
a11c14a1a625e6f63b23ca932706fe65_JaffaCakes118
Size
26KB
MD5
a11c14a1a625e6f63b23ca932706fe65
SHA1
71126baa747de73b459edcb8871b1aa41db5a30b
SHA256
dded6b71e6c10af57606b39aeb740ea8ad8d9e31ddfc52a760f5aaca034df32e
SHA512
15a1d582150b932ea92d16d0ae208e9849b3f49c7dfd297ccd62bec9db44c5df2dce34c500374adc3929ece22d9fff03f82999d838c096c8b6ce91ff49bdb14b
SSDEEP
384:9OAbihA9qkhZEjPF+gMxVrDCh6Sm1k59Fy0rpfl6JvQVDat:cAGYqIj/xwh6Smyy0rdAxQVWt
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a11c14a1a625e6f63b23ca932706fe65_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ