CancelDll
LoadDll
Behavioral task
behavioral1
Sample
ac116d773b56cd9e19724eb47e31de82_JaffaCakes118.dll
Resource
win7-20240729-en
Target
ac116d773b56cd9e19724eb47e31de82_JaffaCakes118
Size
99KB
MD5
ac116d773b56cd9e19724eb47e31de82
SHA1
86d53dcf2ed629c1d5e029c2a90bf7315cc908a6
SHA256
9a45b4893dd20991f071cfd21f8c0d1ad46b76f47b5be4c41f2e6ae56e795603
SHA512
bc60eb982c6a06ea031132e0f75b9f238d944b7b277ba53b2c5749fcaf1d71d365e7d9f80b97773303fa72dcb62626b99e81ac2c82abe1c521728bc7f22eba39
SSDEEP
1536:7rOUbmJ/ZS8DDfPVCMF7OBcDTQZ7TQ+g7YtfucLe04jlWX:FbmhoODfPV37OBcDsTk7YYcC04Jw
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
ac116d773b56cd9e19724eb47e31de82_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE