CancelDll
LoadDll
Behavioral task
behavioral1
Sample
fb1266ed92b9ad66bcd99a8e1d5ad849_JaffaCakes118.dll
Resource
win7-20240903-en
Target
fb1266ed92b9ad66bcd99a8e1d5ad849_JaffaCakes118
Size
88KB
MD5
fb1266ed92b9ad66bcd99a8e1d5ad849
SHA1
57b7bd7e24d3cc4e842ef45e95b5600f12846787
SHA256
93df2b97d836a3ff6cd43212bf020511d94a2afce0e66870e2774f2ae9df0dc4
SHA512
2c88171be006699c97acff0ab289ec7e54aeb1c8f0d3f37a0f02759846dba929455f92221ae39d365f09284ecb0044cc3a6caf7a7c09a716f38d2d6dea556c08
SSDEEP
1536:AnSIWWZU3mEog74BWxuSGimGIRUTqdAF41r8Ux3iUPr:ZF3mEl74B3kqdH1rrx3iUT
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
fb1266ed92b9ad66bcd99a8e1d5ad849_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE