Static task: static1
Behavioral task: behavioral1
Sample: 3d02cc2c9cb293c92e0c1993cbabdbb9_JaffaCakes118.dll
Resource: win7-20240903-en
Target: 3d02cc2c9cb293c92e0c1993cbabdbb9_JaffaCakes118
Size: 34KB
MD5: 3d02cc2c9cb293c92e0c1993cbabdbb9
SHA1: 052338c9a36bb4f2194b66d04dcca67a0dd01d20
SHA256: 1e3ac6114b71a16287702a3b283f9c74e0228c26eb52183444997c835db6c02c
SHA512: a6b6f1d769de14d317bcf31f9fb0894bebcf5627c52ff6dabfc54dce6db8a1659a0dfde82c20321a29aa89ad97ef5945de61a1e8e51dbfdaebd04dd30b6d12c7
SSDEEP: 384:wCWswvfalQlxUjCg+uHs11aEHAzzO0wFWGjg9uYmZ2NeGPZyo6hBEz0o6gAvLrdW:5OXSmxUjfTHC13HE1QWGEmrhyzBGrdW
Checks for missing Authenticode signature.
resource |
---|
3d02cc2c9cb293c92e0c1993cbabdbb9_JaffaCakes118 |
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
_chkstk
GetModuleFileNameA
GetFileSize
Sleep
FlushFileBuffers
SetEndOfFile
IsBadReadPtr
GetTempPathA
MoveFileExA
GetWindowsDirectoryA
CreateProcessA
GetSystemDirectoryA
GetTempFileNameA
LoadLibraryW
GetProcAddress
LoadLibraryA
OpenWindowStationW
SetProcessWindowStation
SetWindowsHookExW
wsprintfW
UnhookWindowsHookEx
SetThreadDesktop
OpenDesktopW
CoCreateGuid
StringFromGUID2
AI
Shutdown
StartShell
Startup
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE