CallBack
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
Init
Behavioral task
behavioral1
Sample
06c0e14742ffe22e9b4f4ef330ac18e1_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06c0e14742ffe22e9b4f4ef330ac18e1_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
06c0e14742ffe22e9b4f4ef330ac18e1_JaffaCakes118
Size
95KB
MD5
06c0e14742ffe22e9b4f4ef330ac18e1
SHA1
b054a87677302da065fb6d62e74902723b01fdb4
SHA256
dfa397861600e87386b06f0178ffe6abae4c356c10420bbd13c64a3c78a23266
SHA512
f5d659d3e2a2dd1586e6be0aae72ac3aedde3a4d4e760324056dd8a2348c07d5717a256ba1e423a0a94195a63e31a1127cf612b1bcd1b37015cb2a11ea1d5c33
SSDEEP
1536:WtxOpabjbENiPHlhJM33DDUFgRdifCNNmbwc6PDCvbR0npOIcySR4sRz1o+yBpET:WtBXzm3DDUSRIsaMDCtcnVg9RzO/KT
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
06c0e14742ffe22e9b4f4ef330ac18e1_JaffaCakes118 |
unpack001/out.upx |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
CallBack
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
Init
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ