DllCanUnloadNow
DllUnregisterServer
Behavioral task
behavioral1
Sample
711d5fb0d8f32363c0f62feaa4fc91be_JaffaCakes118.dll
Resource
win7-20240708-en
Target
711d5fb0d8f32363c0f62feaa4fc91be_JaffaCakes118
Size
24KB
MD5
711d5fb0d8f32363c0f62feaa4fc91be
SHA1
be7432aa6728c6a69e876e5b7779b03968e645f5
SHA256
f65f2950f28806668e881e92b3045905dccf6ea1ffb5f634d37b1cbd4d68446a
SHA512
e950007ba2637d64c9b9a46fffd472d6b072be109898e923d6141b3fb12198b4f13905859ad67a3cca4be18ec529fa31d84e17ffc762ae9ac290dfc49dbd2f18
SSDEEP
384:HTdCgJ3UVDWAUVHS5rJ9tktM2OZxkLLeN1rePjHhaCQe7AkjSxdceMj4gDL:HTdCFDWAUVHQF9tWM2O4yPgBzp2fC9
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
711d5fb0d8f32363c0f62feaa4fc91be_JaffaCakes118 |
unpack001/out.upx |
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllUnregisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ