Outt
Sett
Behavioral task
behavioral1
Sample
4843d953baed7dd3abc5babaadc5caed_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4843d953baed7dd3abc5babaadc5caed_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Target
4843d953baed7dd3abc5babaadc5caed_JaffaCakes118
Size
50KB
MD5
4843d953baed7dd3abc5babaadc5caed
SHA1
7c3e75734f0fdac5eb7a2f17cdd72b36dff5ecdb
SHA256
178199028af4115454ca715f593135410821604c9c5898a750b475e947494747
SHA512
0df02462bce9377ec7fd1f17c6fb892c53302669f62a448c4b1bd324b2c131c67be61b19a8a623d72de046aa3abfa194ad29e67900639bb8657717876be4d4c5
SSDEEP
1536:MhBRVgrExucMldayFm/RbrHErtClVduKy:cRRsL1OktV
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
4843d953baed7dd3abc5babaadc5caed_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ