Outt
Sett
Behavioral task
behavioral1
Sample
1a6d3e1d2622c114370d4a9354465eb4_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1a6d3e1d2622c114370d4a9354465eb4_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
1a6d3e1d2622c114370d4a9354465eb4_JaffaCakes118
Size
62KB
MD5
1a6d3e1d2622c114370d4a9354465eb4
SHA1
7a662075458883249d79f473d8721b3d980d5147
SHA256
5d82b851eb4758f19639445719c0651cfc0c8d262a8ac178ffc7b25a87ba99c5
SHA512
255b33f6b929e13f5c89b9b5c084a7f90fb54da2ff9a1f91e20dab4701ef8e84b3179d0f288f4d3369145aa4a0cb589031caaeef12243f52cda48698c9a9db70
SSDEEP
1536:23umoMtxMYvZew0n1PpGN/4xfiRA4Qd1Zz7mTrmP:CoMtxdeoSEq4Qd1pEmP
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
1a6d3e1d2622c114370d4a9354465eb4_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ