EvtShutdown
EvtStartup
StartMain
inst
run
Static task
static1
Behavioral task
behavioral1
Sample
02f52d5402a9a883b6543992ef23a51f_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02f52d5402a9a883b6543992ef23a51f_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
02f52d5402a9a883b6543992ef23a51f_JaffaCakes118
Size
18KB
MD5
02f52d5402a9a883b6543992ef23a51f
SHA1
b0d4d4b8a621c228b0bb1968935b2f33fa3c43a4
SHA256
c9fac35a9520fa84d8ec9bf2cdc373b59bc0c626cc715deeb0d6b52a03efb981
SHA512
5e554b5c6aa90df0fab6b046f6c9e640bde6a801fe82dcf764b75814e3d02ec790e924d2596898de66aa8aeac90f00188eb0aa937756b6e85cb387038105b634
SSDEEP
384:UltBLLPh4StW46MYGgP9twJly7IgN6LATSOfrx9g/b8Fbd:WttLPhuMfgVtwJl3A+U9g4Fb
Checks for missing Authenticode signature.
resource |
---|
02f52d5402a9a883b6543992ef23a51f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
SHDeleteKeyA
RasEnumDevicesA
GetAdaptersInfo
SetThreadDesktop
OpenProcessToken
EvtShutdown
EvtStartup
StartMain
inst
run
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE