CancelDll
LoadDll
Static task
static1
Behavioral task
behavioral1
Sample
37d5084936024aea8c8beb19fae3faf8_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
37d5084936024aea8c8beb19fae3faf8_JaffaCakes118.dll
Resource
win10v2004-20241007-en
Target
37d5084936024aea8c8beb19fae3faf8_JaffaCakes118
Size
18KB
MD5
37d5084936024aea8c8beb19fae3faf8
SHA1
fee81a18c3210b1693fd31042db4539652dae84c
SHA256
89b95de46b4f958b40ebe026e7b8ab921c6a2876e000309cd1a3e3ea48c472f3
SHA512
d3abcb8f19f61d21e09aa1ec4d7f52a8c162d897b93d70fd4199a88462a4bdaa59bf077dc378dee51f067e5425c184de10d22a43bbb72d5372fedec85737e37c
SSDEEP
384:tVic1yBRQoREOnIgsCpu80gSkYkBq2UTXBRouL:tccsBFDnIpCpj03L2UlR1L
Checks for missing Authenticode signature.
resource |
---|
37d5084936024aea8c8beb19fae3faf8_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
_vsnprintf
CreateCompatibleDC
wsprintfA
CancelDll
LoadDll
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE