CancelDll
LoadDll
Behavioral task
behavioral1
Sample
0431345e838eac9718d83a1fdb360aae_JaffaCakes118.dll
Resource
win7-20240903-en
Target
0431345e838eac9718d83a1fdb360aae_JaffaCakes118
Size
94KB
MD5
0431345e838eac9718d83a1fdb360aae
SHA1
d28bdf5500cceeb26680bdfa16c5e7c53292eb00
SHA256
4887c3c78e1d1b560b33ed745baf405cb670cfbeeeed1c7ea2a4be6a4f623314
SHA512
2c72e8aae4b94fd1933f48417d8ef514d2dc71758de1869603344f3cba6bb5211f6b1f1e2745dbc96304b0f95eeb1229a3a2e0797f967c6eab07376a81f2ed8a
SSDEEP
1536:SAVJ0mWeB/iU9QZQ6roj0jnhrezi6e7uPP6ZKZzZzsGnpfqpcv:zJ0mW8/i5ZQGo4jhrcaUX7smft
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
0431345e838eac9718d83a1fdb360aae_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE