DllRegisterServer
DllUnregisterServer
onLogon
Static task
static1
Behavioral task
behavioral1
Sample
a81aadfbc68b5d6e478694dc4123072c_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a81aadfbc68b5d6e478694dc4123072c_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
a81aadfbc68b5d6e478694dc4123072c_JaffaCakes118
Size
5KB
MD5
a81aadfbc68b5d6e478694dc4123072c
SHA1
8cebc3a1f3eedf2c46d812e79c72880db4e04526
SHA256
35a82e249db926496d619d86adb61bbfe40f13e77c154a5ff9465c3b63d5e58b
SHA512
3d82a2d6adc5c95225ea680d17fb7ce3599ac7e21e586069992456f6006b942faee57059b242757b64786e1e88cf7464b5fbd9fcb0252e6649a3b1351dc91732
SSDEEP
96:gGHvnMoBDvCCslvtdhEArE/1pQxkpulLFjiyDXijo8RfAVIy6q:gGHvnXBmCslNxrE/1pQxk+ZjiyDXiUyQ
Checks for missing Authenticode signature.
resource |
---|
a81aadfbc68b5d6e478694dc4123072c_JaffaCakes118 |
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
VirtualQuery
IsBadReadPtr
CopyFileA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
GetSystemMetrics
MessageBoxA
GetForegroundWindow
PathAddBackslashA
PathAppendA
PathStripPathA
PathRemoveFileSpecA
ShellExecuteA
_vsnprintf
_strcmpi
_stricmp
memset
DllRegisterServer
DllUnregisterServer
onLogon
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ