install
on_load
Static task
static1
Behavioral task
behavioral1
Sample
1aa4726e4429d5e566548770dfa6a08f_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1aa4726e4429d5e566548770dfa6a08f_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
1aa4726e4429d5e566548770dfa6a08f_JaffaCakes118
Size
2KB
MD5
1aa4726e4429d5e566548770dfa6a08f
SHA1
537c79aeb1001ebce122f8849fc4bcd7563a09bd
SHA256
b3b5a7be0903155be5cc3b443e40223897802c43c9e5fa0b3e3bda3ee182be39
SHA512
28f815395c20f55270b0dc49147fda75ca50defa9cf4dca066626ac5f06798124dc3e7db36e06859eabf5a33bc67187c938457668ca7e38a6ec716952cf7372c
Checks for missing Authenticode signature.
Processes:
resource |
---|
1aa4726e4429d5e566548770dfa6a08f_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CloseHandle
CreateFileA
FindFirstFileA
GetLocalTime
GetSystemDirectoryA
GlobalFree
Sleep
VirtualAlloc
VirtualFree
WriteFile
lstrcatA
ZwShutdownSystem
RtlAdjustPrivilege
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
install
on_load
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE