CancelDll
LoadDll
Behavioral task
behavioral1
Sample
abcff4574a5b8daf4f497644120c5d2b_JaffaCakes118.dll
Resource
win7-20240704-en
Target
abcff4574a5b8daf4f497644120c5d2b_JaffaCakes118
Size
87KB
MD5
abcff4574a5b8daf4f497644120c5d2b
SHA1
278fb299a968a1bacd6ae326b50e36417dc1049c
SHA256
d499f58badfadca4b9ea673df38dd9929c43304551211b160b5b6286c56f5e00
SHA512
29baee5e3ec66be7d71f8b24bbf89c06a2da5efc3d2dd95168d0c8091e7a783e45e6031f3ebefc02054f92cf940d8e4520b323e8e68b1dc0aa382d103d0aa80c
SSDEEP
1536:9iJJJXbJlTYTnkU38GPkKgFrrFhDlRf5SDL:cJvpYTnkU3CKgFvxlkDL
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
abcff4574a5b8daf4f497644120c5d2b_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE