Outt
Sett
Behavioral task
behavioral1
Sample
339f28909529a7334442a1550714c6a2_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
339f28909529a7334442a1550714c6a2_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
339f28909529a7334442a1550714c6a2_JaffaCakes118
Size
40KB
MD5
339f28909529a7334442a1550714c6a2
SHA1
ed784420555691878ac86c3825770cbe36d26b54
SHA256
0b360e1718039c2b5b68dd9e2a806639f4a5d2e939fc7dd075b3c44eb9ec211a
SHA512
2bd50026a2b1a4ea4a316f33b3efb842a05035c55cc38d767848650703bffff61f09c21352d25e6842a9b38ea6d2764f1dd0e63e698683389d3f2bd0c90e6073
SSDEEP
768:szM2xVV8c57sgQFtbCGBDI8IjxGQAX0+S/pdmBFy5tJhZe9K4VAhUmwNl:V2bCckttMtjx5M2pd2FatXUs4GhM7
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
339f28909529a7334442a1550714c6a2_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ