_LOADLIBRARY_DUMMY
_RunAs@16
Behavioral task
behavioral1
Sample
ff5e11505492761921698d99421cb7cb_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ff5e11505492761921698d99421cb7cb_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
ff5e11505492761921698d99421cb7cb_JaffaCakes118
Size
118KB
MD5
ff5e11505492761921698d99421cb7cb
SHA1
5f2d9b35ce3c683f232773b78506df324d300f53
SHA256
46ce463a92b2c2bc1c76a2b08fd1dd8c2ecc596ae75fbfebf8922d30cd4926d6
SHA512
0a9185fbb8dd59ee40dac9b116991d58093b339671dede1643d0e9aa546a0553e5f9036ed3c8bf0e22929f8171132ead71f2e9ff30ed2cdd57d2bb4b5649e430
SSDEEP
1536:b8DDS7LFiLjnavBSsOnOonMaPJtSNBeAt94nouy8Af206g:+IFYjnav4bnOAMaWeAt2outKG
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
ff5e11505492761921698d99421cb7cb_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
_LOADLIBRARY_DUMMY
_RunAs@16
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE