Outt
Sett
Behavioral task
behavioral1
Sample
72d777622ca38a519c391a97a68e2ac2_JaffaCakes118.dll
Resource
win7-20240704-en
Target
72d777622ca38a519c391a97a68e2ac2_JaffaCakes118
Size
63KB
MD5
72d777622ca38a519c391a97a68e2ac2
SHA1
1b33e57137917f0ea92743030124586942a2a2e9
SHA256
359f91d59622cb66e890e596876b9cbfff53ed7d9e99c623ff66b355c5f1607b
SHA512
e415bb8118eddd885896810c64d82575bab00ddbecbdc2e66d9e7f3bfd50ffe805543f8f34a8c25f81e3f6f610a85d40553be988fb64e8b9c84310b8df7e7d5d
SSDEEP
1536:qmmM/TFt73a1/HfjM8SbFQb+El9lZTHLEWgy:QM/TFdS/bgbw+ErP7LP5
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
72d777622ca38a519c391a97a68e2ac2_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ