Outt
Sett
Behavioral task
behavioral1
Sample
6f6419e93d1b8ff995a421d57980fd34_JaffaCakes118.dll
Resource
win7-20240704-en
Target
6f6419e93d1b8ff995a421d57980fd34_JaffaCakes118
Size
51KB
MD5
6f6419e93d1b8ff995a421d57980fd34
SHA1
5d40fd20094faf8ac9b32667cc40af5c72da5a63
SHA256
151faa3dc85112333f56250b368eaabc8f31b30813a5c2b6fa43fda96cd160c6
SHA512
55396b071d0e5aed453853885e66d75b8667350529f32a22f60833437f76d4e5111495ab3f0cde6265e374691ba329da07b98e1560088d53fac5441d54215b80
SSDEEP
768:nbY4l4h4QSyygDjgcXsVUJsRCV3xuagus3SGNZg4imssg39wcdqJ:EG42Q7jgSJma+3SSZgxTDucYJ
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
6f6419e93d1b8ff995a421d57980fd34_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.