CancelDll
LoadDll
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
eac808445d5c7a9c8a52f25f5e7c619f_JaffaCakes118.dll
Resource
win7-20240903-en
Target
eac808445d5c7a9c8a52f25f5e7c619f_JaffaCakes118
Size
101KB
MD5
eac808445d5c7a9c8a52f25f5e7c619f
SHA1
5a8dfdb7094814175befadb02a3cd5a82e141870
SHA256
57856484990e1e8a514adb49a94cc7866bb474e7a6e8152a2b67948c6931d152
SHA512
506d0026c8591936d22ed19fa98c32a98081ea6ea578f09a7f13d65fa6f7d3d133753fdb03dc318c7d164ffce3f943683a3a1fadf2f728fe686e828591187372
SSDEEP
1536:aiJJJXbJlTYTnkrd/XGlC+sp76/1p72y9/WJsd7BSvXL:zJvpYTnkrd/2lC+sp7GH9Ksyv7
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
eac808445d5c7a9c8a52f25f5e7c619f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE