Outt
Sett
Behavioral task
behavioral1
Sample
6f06d6451c0a50b8ef574a7373192f98_JaffaCakes118.dll
Resource
win7-20240705-en
Target
6f06d6451c0a50b8ef574a7373192f98_JaffaCakes118
Size
73KB
MD5
6f06d6451c0a50b8ef574a7373192f98
SHA1
f553b5db320169a532ab7f97d6bded3a9f0521f3
SHA256
cdee87b2e856e72d237e4efa98f6516f42b589cbbb1a8478cead9bd777555cdb
SHA512
8bbc3e73cd45f7c521a6e28bdc35b000ed9de41d2be65f6d14f648e5d162fdf4037d5d98c282271dd00294e97f7045f22307d07bf8dd6ae43d974377493718d1
SSDEEP
1536:Bm1NGJVGalqY02KwiSnKqa1LAJ4NMzEFvwMv0npB3sQeXZ+xt:kX0VTlqYJKxkKqapAJkqsApnE+xt
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
6f06d6451c0a50b8ef574a7373192f98_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ