Outt
Sett
Behavioral task
behavioral1
Sample
247e6c43d2e050a388a91483136d2c47_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
247e6c43d2e050a388a91483136d2c47_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
247e6c43d2e050a388a91483136d2c47_JaffaCakes118
Size
48KB
MD5
247e6c43d2e050a388a91483136d2c47
SHA1
a710c5bf63941de545b946b8049c9c2504b91430
SHA256
49048f0884359fdf619abd64487e4bdd4416c390aaed7ec19808032dd7a0fb6a
SHA512
6a036bf27b8a42ad38a34695fd6ecd109a4d183c8065b6dcfa8e6e0a3f08e60974d6306298c8bd7862a2d6970c99c6d6284650099bacd71c9f46a5810c49e9b0
SSDEEP
768:yuUr3ip/IHI7NQTv0Fx36C6OX0cLFtFSvybA2/Lzb5rb8BfN/rhtcsEUY8U:yl3E0Tux36s1sk7jzbtbIrYX
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
247e6c43d2e050a388a91483136d2c47_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ