?DelHook@@YGHXZ
?SetHook@@YGHXZ
Static task
static1
Behavioral task
behavioral1
Sample
b64b00806e8055a8a2291f057d41d214_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b64b00806e8055a8a2291f057d41d214_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
b64b00806e8055a8a2291f057d41d214_JaffaCakes118
Size
15KB
MD5
b64b00806e8055a8a2291f057d41d214
SHA1
69a69d4b1479e3f1400247b23b0a950138d044f3
SHA256
b0dfd8436e7b139fa965ca188af1feedcc3fff7eb6de17f53a3d29ce802f6d64
SHA512
7629d5fbfc2eb2768de247a7cae23864b6246a9a05a7cd12c7d0bb714dcc631c05f21266ac4986642bdc106a5071aae2c816036e00b8e244b98bdba96306536a
SSDEEP
384:WQIwYwVJDPn9pRDx7KpER740UiNMK4yEeuSFtTpWzXWsH:W7wY+n9A+Rs0UMdHECFx0XWE
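Checks for missing Authenticode signature. The resource listed below is the file this check flagged as carrying no Authenticode signature; taken alone this is a weak indicator, since many legitimate DLLs are also unsigned, so read it together with the import and export tables.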
| resource |
| --- |
| b64b00806e8055a8a2291f057d41d214_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ord4698
??1type_info@@UAE@XZ
CallNextHookEx
RegQueryValueExA
CoInitialize
VariantClear
URLDownloadToFileA
?DelHook@@YGHXZ
?SetHook@@YGHXZ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE