DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Behavioral task
behavioral1
Sample
4ef048492244f4133c3d706c7637d410_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4ef048492244f4133c3d706c7637d410_JaffaCakes118.dll
Resource
win10v2004-20241007-en
Target
4ef048492244f4133c3d706c7637d410_JaffaCakes118
Size
168KB
MD5
4ef048492244f4133c3d706c7637d410
SHA1
4dcb034f48036747c5da9718a69a63e8bc4476fe
SHA256
57b240b0d5f67ecea128750855a72ee96e9e4ace6cbde11d1c9808d8b350ad11
SHA512
68ba48a61a6d4d686e598e375d014ebf83318d7011566c9c3e5b0c1497a76c29ddcf5edd62081fb89d1928136ca8916e3c37eb3405c43798641baf4c200f1946
SSDEEP
3072:lC54Wp/CQb6rfAsbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7rQDjz:leRp/LI9wvP6bQ7yMP+DE827rM
| resource | yara_rule |
|---|---|
| sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
| resource |
|---|
| 4ef048492244f4133c3d706c7637d410_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE