CancelDll
LoadDll
Behavioral task
behavioral1
Sample
e169e8826064cc3a6d876f5fbd20b0e2_JaffaCakes118.dll
Resource
win7-20240903-en
Target
e169e8826064cc3a6d876f5fbd20b0e2_JaffaCakes118
Size
91KB
MD5
e169e8826064cc3a6d876f5fbd20b0e2
SHA1
578b6e1b679880909f930d2b6679be90bce5bc3c
SHA256
87d1df47cb401a334a2310231d29aa410f11b26090cc50ddd28164aa6c5f3c8e
SHA512
6c8f3a82542982c0806f1750c42accfb00d6d339e6917630ae5250aab0a563dc6b6472425e48341fed88206afba1d696d192f8f331456cde10c0aef8165cef78
SSDEEP
1536:YJpsqgQUNFs/L3BBJ5rRWg32xLQ2WMXGKSFUq/uAziOrKc2Y:YJOqgjs/L37J5rRWa2a2d2lFUq/ukKcH
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
e169e8826064cc3a6d876f5fbd20b0e2_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE