CancelDll
LoadDll
Behavioral task
behavioral1
Sample
a5707d816f5f94948b234a05be2d9946_JaffaCakes118.dll
Resource
win7-20240704-en
Target
a5707d816f5f94948b234a05be2d9946_JaffaCakes118
Size
97KB
MD5
a5707d816f5f94948b234a05be2d9946
SHA1
729714f50111b5b29bd775b7f3bd81dd1d6cd0ef
SHA256
ec8264331beb2f5fd5933d4aa6d0c655be1e7c72e2c4713a15db49e8f3e66e3f
SHA512
44c6df52fd788fcbfd567f8e276567b05c7e64be8170109f0bc7776b25027b68ce2aed19c4e7bcaf5c48d90b9c60557f16cde3bea69c534881a8d60ea71551f8
SSDEEP
1536:AnSIWWZU3mEo63JDaaKPrMd+MbKCJk3Wqlg0OMu+RSmubOz:ZF3mEP3JDLKPrXxCJkmkPu+gmu0
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a5707d816f5f94948b234a05be2d9946_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE