ServiceRouteEx
StartServiceEx
StopServiceEx
Static task
static1
Behavioral task
behavioral1
Sample
fac9c75b9de3497dba1305a53a7a3c10_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fac9c75b9de3497dba1305a53a7a3c10_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
fac9c75b9de3497dba1305a53a7a3c10_JaffaCakes118
Size
24KB
MD5
fac9c75b9de3497dba1305a53a7a3c10
SHA1
0bcb52dc52266ec2cd2d25d7aad0c9138c64a319
SHA256
6c5d265e09f42520d5074b690070381c7a35fec3ececb89b0a4f77c88bb9a85c
SHA512
53f262e6dfa9156aecc770f8f6471ef2f887531daa3a531a66514be0feb07f1531db1c037f1964a15e7681bb789265e765cd9f988f876d671c119e64ea449dd2
SSDEEP
192:2QyL1VU58XZqDuBBQ6PRQkbZBSaeugqgbv2+E923R:2XiyZwuBBQARQkbSae7vlE923R
Checks for missing Authenticode signature.
resource |
---|
fac9c75b9de3497dba1305a53a7a3c10_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
lstrlenA
ExitProcess
Sleep
VirtualProtect
lstrcatA
GetCurrentDirectoryA
CloseHandle
CreateThread
GetModuleFileNameA
SetWindowsHookExA
SetTimer
wsprintfA
CallNextHookEx
UnhookWindowsHookEx
gethostname
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
_adjust_fdiv
malloc
_initterm
free
strstr
memcpy
strcmp
strrchr
strlen
memset
strcpy
exit
memcmp
strcat
_strlwr
_itoa
ServiceRouteEx
StartServiceEx
StopServiceEx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ