Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_8ad35e45d15281f79bb871e17846e1e4.dll
Resource: win7-20240903-en
Target: JaffaCakes118_8ad35e45d15281f79bb871e17846e1e4
Size: 72KB
MD5: 8ad35e45d15281f79bb871e17846e1e4
SHA1: 8f890f2a568563841d3a8085d96875ba9ea2bc33
SHA256: 3efd96309b115cc17f730ee4810f32b96a8e031d008394463e4e2d54e7fc2a3e
SHA512: 705bf9871280440e8aa81d67a87cf1f8e4db3fa7056f2ca1046d54a6f7be231ee078b0c1d1cf249d41c6ce3fcd8c3f6a5da361285a14f79aabc591ef6e203c6e
SSDEEP: 1536:J5/b+ULbrVNVpKIBz1kWRt6uNpaNxAUF8qSo5AOd:LTbrVpdR6up8vz5AOd
Checks for missing Authenticode signature.
resource |
---|
JaffaCakes118_8ad35e45d15281f79bb871e17846e1e4 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
WideCharToMultiByte
lstrlenW
RemoveDirectoryA
CreateThread
FindNextFileA
GetPrivateProfileStringA
FindFirstFileA
GetCommandLineW
MoveFileA
LeaveCriticalSection
ExitProcess
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
GetShortPathNameA
GetModuleHandleA
Sleep
CreateDirectoryA
WritePrivateProfileStringA
FreeLibrary
GetCurrentProcessId
LoadLibraryA
GetProcAddress
lstrlenA
MultiByteToWideChar
GetSystemDirectoryA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
Process32First
Process32Next
CloseHandle
DeleteFileA
LocalFree
SetFileAttributesA
EnterCriticalSection
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
BuildExplicitAccessWithNameA
SetEntriesInAclA
GetNamedSecurityInfoA
SetNamedSecurityInfoA
RegCreateKeyExA
RegSetValueExA
SHGetSpecialFolderPathA
CommandLineToArgvW
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CoGetInterfaceAndReleaseStream
CoInitialize
CoCreateInstance
SysStringLen
LoadRegTypeLi
SysFreeString
SysAllocString
VariantClear
sprintf
_strlwr
_stricmp
_adjust_fdiv
malloc
_initterm
free
atoi
strncmp
strchr
strncpy
_purecall
memcpy
strlen
strcmp
_wcslwr
??3@YAXPAX@Z
fclose
fread
memset
??2@YAPAXI@Z
ftell
fseek
fopen
strcat
strrchr
_strupr
strstr
strcpy
memcmp
_access
wcsstr
SHSetValueA
SHDeleteKeyA
SHDeleteValueA
DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ