Outt
Sett
Behavioral task
behavioral1
Sample
69d19719fb7d7ad4eb8a7db635e90661_JaffaCakes118.dll
Resource
win7-20240704-en
Target
69d19719fb7d7ad4eb8a7db635e90661_JaffaCakes118
Size
59KB
MD5
69d19719fb7d7ad4eb8a7db635e90661
SHA1
75cbfcca7b6744e906ef47ef97b8041474019d2f
SHA256
2dd2f099f9256dc7738d64f040e222e91ad08f1f68e1dacede9f2c2326e6514f
SHA512
b87b96beb99f61e6942cd4feaf5c5231159fdf9375f71a78cf1c21ca95a363f0591b126255cd09ab00c64f1a643e53455c87284c0461002da9502d5bce88949e
SSDEEP
1536:Bm1NGJVGakjr1qb9GYb2bhBmp1O/eC270X:kX0VdkdqbQYb2tBU1OUQ
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
69d19719fb7d7ad4eb8a7db635e90661_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ