GetLicCode
GetLicCodet
LoadLicFile
LoadLicFilet
Static task
static1
Behavioral task
behavioral1
Sample
562ae9817a39e889a96d7c8b9548336b_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
562ae9817a39e889a96d7c8b9548336b_JaffaCakes118.dll
Resource
win10v2004-20241007-en
Target
562ae9817a39e889a96d7c8b9548336b_JaffaCakes118
Size
146KB
MD5
562ae9817a39e889a96d7c8b9548336b
SHA1
5c1cddf5b79a40d5f92757e31544b72774b40bd5
SHA256
9eedfe28c5147969e54fabca1816edd1f5e686ad0839366737393ed2836f9e2f
SHA512
57d63aa48344aa519293c6d9252c9b48a2688a39669d6cee751cc16eb2da25964ed7d4016ba4bcb462e644742712fd54b89447d299e66952422bd2fd6f70c01c
SSDEEP
3072:BKoOisc/ygDsDCOM5wLunS06AqYtsq2Z9gGblq3k8/txw8zJF:BKoO1c/ygDsXMqMiYmq2PgGBqU8/tVL
Checks for missing Authenticode signature.
resource |
---|
562ae9817a39e889a96d7c8b9548336b_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DeleteCriticalSection
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess
GetKeyboardType
MessageBoxA
RegQueryValueExA
SysFreeString
GetLicCode
GetLicCodet
LoadLicFile
LoadLicFilet
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ