CancelDll
LoadDll
Behavioral task
behavioral1
Sample
0750a1643188708df43cad5048adacea_JaffaCakes118.dll
Resource
win7-20240903-en
Target
0750a1643188708df43cad5048adacea_JaffaCakes118
Size
103KB
MD5
0750a1643188708df43cad5048adacea
SHA1
99fe7acd7869e3cbb185665bea329fc77aebaa0e
SHA256
b50e9478d5dcf2c9924611950465adb94caad565d9f7bccffa0e319d6c9b9efc
SHA512
0af6203823f56812a36d333528cd400aef29393d83e1dd6162f28bd2971debc8dc5eb865122e7e5fff5977360ae4a5f9a5832899ba96eb2323957d0916c1a621
SSDEEP
1536:2moLIIWdNE9jv4LsBgIuDUjP+uwqN5qOsifSlFW2Qq8sZfUjlFz:f2RWdNEp4Ls2ZKWq5U77WSZfclp
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
0750a1643188708df43cad5048adacea_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE