CancelDll
LoadDll
Behavioral task
behavioral1
Sample
d9f91ab1fc556e907b8aa0d3831d13a0_JaffaCakes118.dll
Resource
win7-20240729-en
Target
d9f91ab1fc556e907b8aa0d3831d13a0_JaffaCakes118
Size
101KB
MD5
d9f91ab1fc556e907b8aa0d3831d13a0
SHA1
992a67f8ab5cca85bebb2f69ab69c310b70c0d41
SHA256
a6e9f9b2b3ec75283d32355bd058d16824216e8a94beafd827dc4d6911c99022
SHA512
93d149feea5e8dd354ffcc0ebeb40e43894f234bc31aed2e676965b0146b4d66c5af5ae607f5fb48c3a04a504075b84c66bdfd326a11c98ad7886af6677052d8
SSDEEP
1536:AnSIWWZU3mEoJxVQodVmIwdQa37vDv47zyO4YSsBhlG:ZF3mEuxCod0Imf7DwSbD
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d9f91ab1fc556e907b8aa0d3831d13a0_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE