_LOADLIBRARY_DUMMY
_RunAs@16
Behavioral task
behavioral1
Sample
15432a483debce3491df93fa658139bf_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
15432a483debce3491df93fa658139bf_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
15432a483debce3491df93fa658139bf_JaffaCakes118
Size
34KB
MD5
15432a483debce3491df93fa658139bf
SHA1
1080bf34de72573c4b5cdfe0e52ef25ddb8eb4ab
SHA256
744107216029efdb6a6c7f09bf147b0fa5d08b583833187ff7b8cf4e06740d58
SHA512
df80b469d4fb7014d6febef880a05378212e18f6ca04146d3e803d0a889fece807c1368e410db96d8fbcc02b15dcea1fd9506dabb86c98c1eeba351fcb60721d
SSDEEP
768:x5+1X5qERrx1lEIw+4Q8AqLENEy2WMs3O/4nbcuyD7UQfK:x5CpqEpeZp9nWLnouy8QfK
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
15432a483debce3491df93fa658139bf_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
_LOADLIBRARY_DUMMY
_RunAs@16
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE