CancelDll
LoadDll
Behavioral task
behavioral1
Sample
f68718a29c811c4a11936752065d76e1_JaffaCakes118.dll
Resource
win7-20240708-en
Target
f68718a29c811c4a11936752065d76e1_JaffaCakes118
Size
107KB
MD5
f68718a29c811c4a11936752065d76e1
SHA1
90be300ef2866fe57743088ff5f58f1727bbbee0
SHA256
c37eab454ac886ca12271979415449def275bb1f5e9315a52637d527587ff401
SHA512
43d0ddf46b3107d4419f17b136577e11b569934455a6bea0d1ce3afbce4207410e24b1e63d278889eec9a61b20de2d2663c6a7ce07d1e7017015bf339a6350a2
SSDEEP
1536:TD6K271gp7DXHQ49AedD12RZdnUjm6P3ucJ6sjsY/M4MqmUR/D/YQt:TDGYLwwVDyZdum6P3JljsY7f5D/Yo
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
f68718a29c811c4a11936752065d76e1_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE