Outt
Sett
Behavioral task
behavioral1
Sample
ed68038d8155b148fff0d27d065a94f5_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ed68038d8155b148fff0d27d065a94f5_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Target
ed68038d8155b148fff0d27d065a94f5_JaffaCakes118
Size
78KB
MD5
ed68038d8155b148fff0d27d065a94f5
SHA1
1ec82d0d049f52a7c0f21dfa9f070fa4fbaea7c5
SHA256
4a1ebaeffed66ac4156bbab8d58ba54e650c4b7f1b14643d1b3d3cdaa651fbcd
SHA512
166163153a0e6199cf59b3e3294e6dfcf0534ef8af0362edd6e4971f8b6da846675752735e74899bb2f89549a10211cb25245e0cab8b67b4ea283b66862f4ae5
SSDEEP
1536:EGEIz8YbyiDPUCzZj/BvemUU1MgkwQm8DALiTNyH5jmg:EGE2HOCPfZpJ1MkQgLUsH5jF
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
ed68038d8155b148fff0d27d065a94f5_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ