Inse
_Inse@16
Static task
static1
Behavioral task
behavioral1
Sample
0a8b23b2aefbf90b6493d42884882c92_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0a8b23b2aefbf90b6493d42884882c92_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
0a8b23b2aefbf90b6493d42884882c92_JaffaCakes118
Size
58KB
MD5
0a8b23b2aefbf90b6493d42884882c92
SHA1
a1375a7ac5145963252ad75a97d91025b439926b
SHA256
abd7aef2a3d2d860d6f85dc7204a1dddf5ffd1bf2ca5573692530b7ec85999ad
SHA512
7e142ed586c31ee9758a3534d954260ef62b7fc1131f51a826e927d2ef6fe1ee6b90c6dd8e88d57cb628e2bf3d790a8589caab11ef5a28373a7c9bb0e5aabe3f
SSDEEP
384:akXsPuq8jf7ssABBIdv3aLVNBiw6N4fsxACPe0w70d9OW:fXPjfgsA+CozN4Ux/Py70d0W
Checks for a missing Authenticode signature; the resource listed below matched this check, i.e. the DLL is unsigned.
| resource |
| --- |
| 0a8b23b2aefbf90b6493d42884882c92_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
ReleaseMutex
GetLastError
VirtualFreeEx
VirtualAllocEx
FindClose
FindNextFileA
lstrcmpiA
lstrcatA
CloseHandle
GetCurrentProcess
Module32First
VirtualProtectEx
ReadFile
CreateMutexA
DeleteFileA
GetModuleFileNameA
CopyFileA
TerminateProcess
GlobalFree
GlobalUnlock
DisableThreadLibraryCalls
IsBadReadPtr
CreateFileA
GetTempPathA
GetCurrentProcessId
WaitForSingleObject
Sleep
LoadLibraryA
GetProcAddress
WinExec
InitializeCriticalSection
lstrcpyA
lstrlenA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileSize
GetWindowThreadProcessId
GetForegroundWindow
GetWindowRect
GetDC
ReleaseDC
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
wsprintfA
EnumWindows
DeleteObject
GetPaletteEntries
GetNearestPaletteIndex
CreateHalftonePalette
SetSecurityDescriptorDacl
LookupPrivilegeValueA
OpenProcessToken
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
getpeername
gethostbyname
WSAStartup
closesocket
send
recv
select
connect
ioctlsocket
htons
socket
wcscmp
_splitpath
strchr
_purecall
strcat
strrchr
rand
srand
free
__dllonexit
_onexit
memcpy
sscanf
strlen
strstr
strncat
fflush
fopen
fwrite
fputc
fclose
memset
_itoa
??2@YAPAXI@Z
__CxxFrameHandler
strcpy
atoi
strcmp
_beginthreadex
StrStrIA
MakeSureDirectoryPathExists
Inse
_Inse@16
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ