Outt
Sett
Behavioral task
behavioral1
Sample
24dbe95679c3d07a9640914e106d2252_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
24dbe95679c3d07a9640914e106d2252_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Target
24dbe95679c3d07a9640914e106d2252_JaffaCakes118
Size
73KB
MD5
24dbe95679c3d07a9640914e106d2252
SHA1
c468c0be18855981ffd6f4a3c22cb965ad8c579b
SHA256
ba93eba5e6e01e4b2e18c0fbb5a6a40b54beb9a3015c7e730546112dbf1b2016
SHA512
04efc6a6758d5e261355a71757af42d78a0363e2aa74f4e9265a04ec49db5cf491eee2c431edd276c10121c5fc79cb4208a42b971e0f0b519091003a09ef6e93
SSDEEP
1536:5jRmOCW8lNJKj4y0p5RGamQQ3mHNzrR8OgkL65J31EtX:xf4s4y0pWaNQ3mHoF1Ed
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
24dbe95679c3d07a9640914e106d2252_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ