fff
mmm
sss
Behavioral task
behavioral1
Sample
32811db3777bd59d44411fb6f34d5170_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
32811db3777bd59d44411fb6f34d5170_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
32811db3777bd59d44411fb6f34d5170_JaffaCakes118
Size
13KB
MD5
32811db3777bd59d44411fb6f34d5170
SHA1
1fe87e39fefbb41a378a52e345d109e316f502ca
SHA256
159dcf4bb01d0103f938e88109d5beabe0978e425c133ec6116c39bb70b6bacb
SHA512
d76fd5019de0e481609202a6ff8cfd9fa49370ee6319b0f8341fd601703cd59f07d0fa7a494777242384053dcb845938b75223bac564e14f79b40e0fdc0b7ecf
SSDEEP
192:Blbn0zpI9aiGB/x4H75TgPy3Ra0aFcCVFaNJhLkwcud2DH9VwGfctrZ9:H0zqaiG9+u8tU3DaNJawcudoD7U
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
32811db3777bd59d44411fb6f34d5170_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
fff
mmm
sss
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE