Static task: static1
Behavioral task: behavioral1
Sample: 02d6b448f43703418e1f567aa79228be_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 02d6b448f43703418e1f567aa79228be_JaffaCakes118.dll
Resource: win10v2004-20240802-en
Target: 02d6b448f43703418e1f567aa79228be_JaffaCakes118
Size: 48KB
MD5: 02d6b448f43703418e1f567aa79228be
SHA1: b21720e8cf5bd743765e93587064e7730141c418
SHA256: e0adaa1725c9b665b4141cf26af37c699077a288196df42d360f49f00f8b9cf6
SHA512: 05c7df37edcd61bba19c35d4325d96309492336defdf053e7c3578fb572806945318e5ca502cb22088756538f3f75fb20523eabac0db2b31caf47f767e74b628
SSDEEP: 768:KKt/hh0kPdSpKbRwnyPQrZM3+hDELQoWdTn10bxLDb57qgX70AzX22:KKZ02MlyPC0+ReblDZq8pm
Checks for missing Authenticode signature.
| resource |
|---|
| 02d6b448f43703418e1f567aa79228be_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Process32First
GetModuleFileNameA
GetLocalTime
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapAlloc
GetSystemInfo
GetVersionExA
Process32Next
HeapDestroy
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleHandleA
GetSystemDirectoryA
DeleteFileA
GetWindowsDirectoryA
Sleep
CreateThread
WideCharToMultiByte
GetCurrentProcessId
CreateEventA
GetLastError
CloseHandle
GetCommandLineW
LoadLibraryA
GetProcAddress
HeapCreate
WritePrivateProfileStringA
DispatchMessageA
IsWindow
SetWindowTextA
SendMessageA
KillTimer
DefWindowProcA
CreateWindowExA
ShowWindow
RegisterClassExA
CallNextHookEx
FindWindowExA
PostMessageA
GetMessageA
TranslateMessage
SetTimer
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CommandLineToArgvW
CoCreateInstance
SysAllocString
VariantClear
SysStringLen
LoadRegTypeLi
SysFreeString
fopen
fwrite
_strlwr
fclose
rand
strcmp
memcmp
free
_initterm
malloc
_adjust_fdiv
_stricmp
strchr
memcpy
memset
_purecall
??2@YAPAXI@Z
strstr
strlen
strrchr
sprintf
??3@YAXPAX@Z
_access
strcat
strcpy
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ