Outt
Sett
Behavioral task
behavioral1
Sample
21996b668eac117430aedd61ca543ade_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
21996b668eac117430aedd61ca543ade_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
21996b668eac117430aedd61ca543ade_JaffaCakes118
Size
57KB
MD5
21996b668eac117430aedd61ca543ade
SHA1
794f478383d36e234bf4122a1f14a2ebff41fb9c
SHA256
70614eac892e0bb3c31868c832115a28dae4477b2eb5b3dc1a9aa4ee156c067d
SHA512
04b751257a311cbb6fe0757c05edc1b702d64d56dc0840972263f3ab6df59015edb8cc43954bc7dfa017e66c24ca123967d59adb7c3f93c1b280c0438612459a
SSDEEP
1536:V2bPPULSpt64SjP+sm6ZCV1xWUldhLgkLw6F6:WHULSpt3oPB1oVfDlbcM4
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
21996b668eac117430aedd61ca543ade_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ