DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
e0a33b8d55761e5dbe4e3cf9ab76fe4b_JaffaCakes118.dll
Resource
win7-20240903-en
Target
e0a33b8d55761e5dbe4e3cf9ab76fe4b_JaffaCakes118
Size
10KB
MD5
e0a33b8d55761e5dbe4e3cf9ab76fe4b
SHA1
a4b9f3240b3bc9bdfd5c8bf8941ce5c081dbb2bb
SHA256
9818f5fec4bcaf1c51a2006e32c22e491fa85938eaab35b00395e130f6048d57
SHA512
43556f8bffb0d93eb2ca3d9f7c17f9141066fd157edfdfed4fee81aec37a8c0c9385e5f056525649fbd26b495bdde1e2e54f098ff1245890a2d498d34454a74c
SSDEEP
192:p3Qsff486iemrKxxIYWxzp77rV0EGBwKFrw7sIbqbO/G0xi/R37DQ:pAQFPKk1z1HVRKwKxkrbqj0oR
Checks for missing Authenticode signature.
resource |
---|
e0a33b8d55761e5dbe4e3cf9ab76fe4b_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetVersionExA
GetSystemDirectoryW
lstrlenW
lstrcpyW
lstrlenA
MultiByteToWideChar
CompareStringW
HeapAlloc
GetProcessHeap
HeapFree
Sleep
RtlUnwind
lstrcmpA
GetModuleFileNameA
MessageBoxA
MessageBoxW
wsprintfW
CharLowerA
IsWindow
AnyPopup
RestoreDC
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
SysAllocString
SysFreeString
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ