Outt
Sett
Behavioral task
behavioral1
Sample
07eccfb2d594621bb2ea16e9adc6122e_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
07eccfb2d594621bb2ea16e9adc6122e_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
07eccfb2d594621bb2ea16e9adc6122e_JaffaCakes118
Size
87KB
MD5
07eccfb2d594621bb2ea16e9adc6122e
SHA1
e7c68615c37a316d73a9e67ed33683e030e772b7
SHA256
553228f5751d2e8e01a24a9fba76ff6e54db9775a7ddc0fbdb1ecc69460e897e
SHA512
052835dfe1f676b8c8c986c01ed77c623773b12ff31787a90da7434874004e66a28fa4f6c85e271dd07b03e1c6641f4bd5b4ccec1d22580d84b68059d26b55e1
SSDEEP
1536:1zExMwCGQ2jHQnPF1gt9MFkq7y4QgPz1+7ojWswJUodDO6GfaZqkO:1I+wCGvUn8t9Cf7y4QgPz1QojWsFx6Gz
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
07eccfb2d594621bb2ea16e9adc6122e_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ