Static task
static1
Behavioral task
behavioral1
Sample
3a3a49de6c969ae8e7fe2661e2b32df7_JaffaCakes118.dll
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3a3a49de6c969ae8e7fe2661e2b32df7_JaffaCakes118.dll
Resource
win10v2004-20241007-en
Target
3a3a49de6c969ae8e7fe2661e2b32df7_JaffaCakes118
Size
50KB
MD5
3a3a49de6c969ae8e7fe2661e2b32df7
SHA1
bfb1caf081eefe405bd963ffc612880d299cd5b2
SHA256
ba8c46eceee8660d62393cc50f9b5cb6b12bfc839ffbe47b3d28001d4a5a4616
SHA512
2a9d5dbcc781c7327150701e67f96bc2ab0f2d7174911e9f1f56c188ca11fd4785badf72e00b11c6abc945d3b053c9ecde9264a571455529f0992314104504aa
SSDEEP
768:lhhU5NmT8YEYmnZh6q5XqcuNjySKehuEZJzmoMe8FcmBA8xOoI/f+ISh:lrUr4iZhtoyTCuEZ1moV81OXGDh
Checks for missing Authenticode signature.
resource |
---|
3a3a49de6c969ae8e7fe2661e2b32df7_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
StrStrIA
StrCpyW
StrCmpLogicalW
GetModuleFileNameA
GetTickCount
GetModuleHandleA
IsCharAlphaW
InvalidateRgn
memset
?AutumnPoint@@YG_KPAUHINSTANCE__@@U_COMMPROP@@@Z
?WexiraPas@@YG_KPAUHINSTANCE__@@U_COMMPROP@@@Z
?WexiraReg@@YG_KPAUHINSTANCE__@@U_COMMPROP@@@Z
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ