StartHook
StopHook
Behavioral task
behavioral1
Sample
d03646e386746e5fc346926d86504926_JaffaCakes118.dll
Resource
win7-20240708-en
Target
d03646e386746e5fc346926d86504926_JaffaCakes118
Size
12KB
MD5
d03646e386746e5fc346926d86504926
SHA1
3766bb4b98d53c0f35ee3663e7c2bafb31e20ae7
SHA256
3a99479bc73ceb650f4e5a56630e6b26542dd31d27c37cd0414f36fc411ed539
SHA512
98f397a6085b8c5fa1e3d1f2799a155c115ded6276bdd1afd97c6fa54e238ee7d8ed00ad56d384185a378ea9373ec835144c6cb02c5511ffb8933aa8d8542b2b
SSDEEP
192:nE0h1oj/ed/ma5dFpbXRO71NXXn+Y+uZSFlFnQ33c83yfYGAL0MRcPALaZ:XjorUm8iNHn+80kT3pGcsz
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d03646e386746e5fc346926d86504926_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
StartHook
StopHook
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE