Outt
Sett
Behavioral task
behavioral1
Sample
21c0a078524456ca791da2a617986a1f_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
21c0a078524456ca791da2a617986a1f_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Target
21c0a078524456ca791da2a617986a1f_JaffaCakes118
Size
73KB
MD5
21c0a078524456ca791da2a617986a1f
SHA1
f9bac376922bc23a4e374d628094de23ea2225ae
SHA256
0cb369a40a49b0c36bd3fd88f9d62df70f0ade157e1f0667858d3959a1878b0f
SHA512
683dd6412357e8f979e93cd294cb4bb2824d19895c9c048e127209e02ad0c8fe13f7f8f162cebb60a23c7330023de73c518adf7d7e78899f255b1842be6b26d1
SSDEEP
1536:mPO6KEVbsVP0gY3SLhY76nRPdlntj7aENIotzexHxhdZl/+30mDBt:cMEVbsVcZS9Y76RPbtmxjZluH
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
21c0a078524456ca791da2a617986a1f_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ