Service1
Service2
Service3
Service4
Service5
Behavioral task
behavioral1
Sample
fb53ce0c006726b1d86c011478c5b92d_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fb53ce0c006726b1d86c011478c5b92d_JaffaCakes118.dll
Resource
win10v2004-20240412-en
Target
fb53ce0c006726b1d86c011478c5b92d_JaffaCakes118
Size
23KB
MD5
fb53ce0c006726b1d86c011478c5b92d
SHA1
4f825667dd42eecb0b2b9f25ccf68a89b2225e3a
SHA256
6b8512cf692b5e2af4b665a2d98d38f4ef7bd9cf3bb187831c72059fa4526e98
SHA512
7254caa3cdb818dfc9fec4882dcbae701e3a9cfbc5aba4e3ea585e46938a048cdd43f2f424772a26dfb4f81bd93aec54787eabaada3c1b5b8e3e701a6aec6358
SSDEEP
384:gr+MZ/CXxrlwA4E2gsKX1Mo//0I8tFRcbI1Xf0mk+wYi+pAe732lXXtaZp:ga4/CX5l28X1n/NoKb8Xf0mZi+lp
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
fb53ce0c006726b1d86c011478c5b92d_JaffaCakes118 |
unpack001/out.upx |
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Service1
Service2
Service3
Service4
Service5
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ