CancelDll
LoadDll
Static task
static1
Behavioral task
behavioral1
Sample
d5f0d6dce430f623876a976f61a572e0_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d5f0d6dce430f623876a976f61a572e0_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
d5f0d6dce430f623876a976f61a572e0_JaffaCakes118
Size
69KB
MD5
d5f0d6dce430f623876a976f61a572e0
SHA1
98a1870999eebb88130b99f8c0566ccabaf829cb
SHA256
67261cadd0b4f16d3bad49057991f83f87ab0c56b5e3e56e30c8fa8b71039579
SHA512
3b95253d71693e7c5891ef8ce41f15ad704e7f5cc51f42af42429d7e67090e2012895e7a1787915297e75486e89e273a3d7729403213998059e59ff8318460b7
SSDEEP
1536:BfQAl+7ovOEBo8s6fqSnYrFvCXwoF0Y98Lr5mH0Hp:dQAl+pCs6vYRvCXRFt98Lr5mUHp
Checks for missing Authenticode signature.
resource |
---|
d5f0d6dce430f623876a976f61a572e0_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
time
UnhookWindowsHookEx
RegQueryValueExA
CancelDll
LoadDll
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE