SetMyHook
UnMyHook
jksHook
jtzHook
Behavioral task
behavioral1
Sample
f8630a2e330c4d76d0bf2a84f4add4c1_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
f8630a2e330c4d76d0bf2a84f4add4c1_JaffaCakes118.dll
Resource
win10v2004-20240412-en
Target
f8630a2e330c4d76d0bf2a84f4add4c1_JaffaCakes118
Size
19KB
MD5
f8630a2e330c4d76d0bf2a84f4add4c1
SHA1
b96da7901466f2f4820acb98608074f604308c01
SHA256
58b80a8b8d0aaf6439346f1ecdc6696b48616c2f779a5a452e1ffe96d92d02ec
SHA512
cb0d892ae7a108b5db701b18eaf1194a83fcbbb4895697d375164a272713cfbf5ca29f6d59431550bc7482fca7230f9fb393e6b057cfca9fdf0fd0820cdc3cdc
SSDEEP
384:ou6/ta5QvypLnZY/v0s2UUybO0JYEZmTJCUtGkNud4hQuVpXTat2weaxq7:ou5icUvqyC5imFCGId4hQuVpXU4
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
f8630a2e330c4d76d0bf2a84f4add4c1_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
SetMyHook
UnMyHook
jksHook
jtzHook
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ