DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Behavioral task
behavioral1
Sample
d9a70f4bf0d82a1dd89b0f80d2194e3c_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d9a70f4bf0d82a1dd89b0f80d2194e3c_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
d9a70f4bf0d82a1dd89b0f80d2194e3c_JaffaCakes118
Size
155KB
MD5
d9a70f4bf0d82a1dd89b0f80d2194e3c
SHA1
d3bf88c2356e82e8ea36e961e1828d7873bdc727
SHA256
1acef2f43253b5378a2fea58b71a45b698bff28ea4fdf70d11c56a4172e3f86c
SHA512
8b34cf5c9cc2e37151348cbeb02be2d67bc4048dd2169f7864cacf75eeda40b023ba4b449d904c3d1d578f50c3ce870778206111baf3b370bea009bc60d96b03
SSDEEP
3072:th/2ocQbLDMJgCs7NNubbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7Ppt:th/2ocMLMgCsJiwvP6bQ7yMP+DE827xt
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
resource |
---|
d9a70f4bf0d82a1dd89b0f80d2194e3c_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE