Outt
Sett
Behavioral task
behavioral1
Sample
f879576b0dbe15eeb9c1970335b2e49b_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f879576b0dbe15eeb9c1970335b2e49b_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Target
f879576b0dbe15eeb9c1970335b2e49b_JaffaCakes118
Size
52KB
MD5
f879576b0dbe15eeb9c1970335b2e49b
SHA1
f760f6c2c27c8e8e70a644f22cd9b0a71d42401b
SHA256
59b3d7170f2ca7579ea14cf69f5378461f06c226209b0435f42a55eeea591b85
SHA512
9ba67e84b0b2c321e8fb9dbd9531dd398b676104427bdf636675a5d1f99c77c2804bf6bbd349a8c60defc8683fb6d3a96337b8b725b8187b5251008a36b91ca8
SSDEEP
768:9xBtKtqyLUYQXZ/BgHRXE53sepKainkCcwyylv7vcGJQtCPcn9TF0OFsZaSuxc6N:9260tcsAKQaljvcttMc9fFs7qkpK
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
f879576b0dbe15eeb9c1970335b2e49b_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ