CancelDll
LoadDll
Behavioral task
behavioral1
Sample
b800b4b13c0fd85a0446130cbae0cc1f_JaffaCakes118.dll
Resource
win7-20240708-en
Target
b800b4b13c0fd85a0446130cbae0cc1f_JaffaCakes118
Size
106KB
MD5
b800b4b13c0fd85a0446130cbae0cc1f
SHA1
c12f6f8b5d66aec914e1cbe00b620359da094917
SHA256
026c449c4ec06e066b2583b5625c29630d26234537620f2a880e585a96cf1c52
SHA512
1f6e6de6f58e661bc345d72676bc7df958bbb97eb77db1673f1996c9382b6abb052a7ba6e74ae44faa1aef667a953cef0f1f181cf06838ca4810428392442dd2
SSDEEP
1536:TD6K271gp7DXHQ49AkjTw3ypWpIIPPo6l+zEZn+JLFmnaJUkP:TDGYLwwjjTw3ypWpfPPo6UEh+5oaJ/
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
b800b4b13c0fd85a0446130cbae0cc1f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE