CancelDll
LoadDll
Behavioral task
behavioral1
Sample
56d1e167c232948c6c05946e12532b46_JaffaCakes118.dll
Resource
win7-20240903-en
Target
56d1e167c232948c6c05946e12532b46_JaffaCakes118
Size
116KB
MD5
56d1e167c232948c6c05946e12532b46
SHA1
0d4b0c853360a5fe7a3262a745e1fa7c4dae2844
SHA256
079dd97e07450d7ec1128a7064f350ce79262613e632a6e81d1ea1ce0e15ea10
SHA512
651b34f669fce26cc29573b466ff56be44b5d7fbb45ac8ccc0be68d1bed24a587edb1f98efeb3b117d4e817dc38f3e8f949ba78e1772b8e3917fd7743f21fe80
SSDEEP
1536:4G3uk8hPgcW3cunhBbgA6Ut5v8LfO0aq37qO/5QGdKXq77rMGn1f8s:13sL6Dh75v8Kqh/5BdEArFn1Us
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
56d1e167c232948c6c05946e12532b46_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE