Outt
Sett
Behavioral task
behavioral1
Sample
2bd5d3a933e90c0477e1e639a07329fa_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2bd5d3a933e90c0477e1e639a07329fa_JaffaCakes118.dll
Resource
win10v2004-20240704-en
Target
2bd5d3a933e90c0477e1e639a07329fa_JaffaCakes118
Size
65KB
MD5
2bd5d3a933e90c0477e1e639a07329fa
SHA1
2b76ff6dcebbab24fa043698b85648ce87f0ea0d
SHA256
f44caf9419d585e99a7f3ba5059e2057f67f306b1622977656a3858b11c592f9
SHA512
fe82d8907e922ba4544a66e69a55ec2a4bc2e8f25e4b570517bdbb8cd39e09cbb42cb58d38793a4abe978defa7b5aa28c278eebddd4fed2b85de14309c668078
SSDEEP
1536:VZIcCxRn6PZUc8T6Trg5vuA21wZChUxUfgdV7Pdr5:r+BeR8T6TC2A21wZESV7Pdd
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
2bd5d3a933e90c0477e1e639a07329fa_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ