Outt
Sett
Behavioral task
behavioral1
Sample
70a939b10f94bc9d44b5f93258653475_JaffaCakes118.dll
Resource
win7-20240704-en
Target
70a939b10f94bc9d44b5f93258653475_JaffaCakes118
Size
64KB
MD5
70a939b10f94bc9d44b5f93258653475
SHA1
23e2bf18290226737b8807324cd6bc7597c2dfd2
SHA256
4963fdc42d1249074f67eeca4f7a887ceae23729235f284df0a3727df75a58f2
SHA512
e8d3d03b828e593483a677a222d28ad00b10bf41e5a1e182aeb1b85fe4d72dde1d9411fec1dc211311ca02137c1d8c5c83f0c8822dd39882a7cf9fe89ac1c40a
SSDEEP
1536:5jRmOLJ/Ifu59abgKnqZu7k5h2lVT1YRNOiC2:xfy+94JndIv2ll1eEQ
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
70a939b10f94bc9d44b5f93258653475_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ