DllManagerReadProcess
HookVantiReadProcess
Static task
static1
Behavioral task
behavioral1
Sample
a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118
Size
15KB
MD5
a5fdf46de8f86d63a4ddee71a3a26ecc
SHA1
b84fe4726cebd6199d0b2bba23b617138f655e17
SHA256
196d9469a357c188f38c121a6ec5beab67a0e781736ca91d38f464c24c5fc90a
SHA512
38193cd68b4b557cf24acbec5f4e419cf8a522ab0f2f4cd3ef4c537e4608563937dd9b7aefd5c6026f97995ecfca818706dab3ba28bebcf030b74015512a9f8c
SSDEEP
384:FgZ1TuXGGho/lOPWy2bjUwUHUGA8keF9Wr+V6WztK52NDC:FpW3lOPWyYjUtHUGA8V2yYWQ52hC
Checks for missing Authenticode signature.
resource |
---|
a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllManagerReadProcess
HookVantiReadProcess
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE