CancelDll
LoadDll
Behavioral task
behavioral1
Sample
3af60fc7058a1fa7d4add55a4ead279f_JaffaCakes118.dll
Resource
win7-20240903-en
Target
3af60fc7058a1fa7d4add55a4ead279f_JaffaCakes118
Size
6.4MB
MD5
3af60fc7058a1fa7d4add55a4ead279f
SHA1
765e8ff31a93d4c6905ec2dc90e0cd6a91380b02
SHA256
bceaa45c138219d3e8b28155104a93bf0fbc165081b2f12da5ed532de9e298d5
SHA512
1a58f214149e84ca24c34ee48c688b950ae4c29b2a456358e4ef24aeadf1f8ba72c5fab76913ad2c70f87f73ad2bb66242ef1bc61ece45099a9e0f18328128e9
SSDEEP
1536:yzfx7c0lQLwSLGW3NkS0p2EHuTZw4I0e2x91zl1O2yKAIvGj/M:Qf69wSLGW32p27Rce91zwvIvGY
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
3af60fc7058a1fa7d4add55a4ead279f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE