DllCanUnloadNow
DllGetClassObject
Mondamc
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain
Static task
static1
Behavioral task
behavioral1
Sample
b1745bd896985b4eed4fbc65445fcb2b_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b1745bd896985b4eed4fbc65445fcb2b_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
b1745bd896985b4eed4fbc65445fcb2b_JaffaCakes118
Size
101KB
MD5
b1745bd896985b4eed4fbc65445fcb2b
SHA1
b1091b4d0c3bdb0cf37bc59c3060dd760e5e0a16
SHA256
2b526ca3c42df3b1c82192f8160493e826383f4c884f2223a29b1cea6eac40fa
SHA512
53a9a49dd12fe71d631d8b00e17ae02a5daa40fd2b49214e1764eaf61424e6de8b5956e09fb294a0c01ce058943f7ff9113fb7a57c612372f3829e2ddba1cb93
SSDEEP
3072:Ga5ZnraNiHdPyZUsWgDBjG8t3eCbTYIkDHpF1dJ:D1rajN9G8ResWD
Checks for missing Authenticode signature.
resource |
---|
b1745bd896985b4eed4fbc65445fcb2b_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetStringTypeExW
CreatePipe
GetPrivateProfileStructA
DeleteFiber
GetProcAddress
ExpandEnvironmentStringsW
DeleteCriticalSection
LoadLibraryExA
SetCurrentDirectoryW
FreeSid
SysFreeString
CharNextA
DllCanUnloadNow
DllGetClassObject
Mondamc
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ