_LOADLIBRARY_DUMMY
_RunAs@16
Behavioral task
behavioral1
Sample
1416f99c0db16a6aa70918fcaaa4ece2_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1416f99c0db16a6aa70918fcaaa4ece2_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
1416f99c0db16a6aa70918fcaaa4ece2_JaffaCakes118
Size
97KB
MD5
1416f99c0db16a6aa70918fcaaa4ece2
SHA1
4cfdab1733d740ebd6a0ba96b9f945e2ff58b005
SHA256
8688d9d80263867a047c8813fdd21cd9cdec0ed1113ce5b0470f601af48482fc
SHA512
1dd6b6cc8514998c8b3e074c001efb69e31ef9381d77e42ecace8fe2ed1cba608fbe31ebfa797f288d634255b6d49ae4ac9bf5ed0b5ca737b049390ccec05bf6
SSDEEP
1536:a67fs3pHHIb7Or6fKWrp9eYopTKZt4S1i16U7Ks8TSUgwxRcx:a2fs31IwVYopTKZt51TS+
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
1416f99c0db16a6aa70918fcaaa4ece2_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
_LOADLIBRARY_DUMMY
_RunAs@16
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE