jjj
kkk
xxx
Behavioral task
behavioral1
Sample
732fd1d10e6296a803f34f138eafaa4a_JaffaCakes118.dll
Resource
win7-20240705-en
Target
732fd1d10e6296a803f34f138eafaa4a_JaffaCakes118
Size
10KB
MD5
732fd1d10e6296a803f34f138eafaa4a
SHA1
9d662d724394fdb9e179741d87a4f53b567d9216
SHA256
90c3401393128f965cef3db5fa6cc6424d9403ca8d8cb80963d42ec03547969a
SHA512
6e1e603d3f3e10c35c45b7a1efba5daf08cc54341722d3ba746cac62fb17a8a754704eb916c98cad4c4748d4c13a2f8a5855c0e77b42d7f65535b24c76ffdfe2
SSDEEP
192:iAkfgsLVh4Q+RUsmVNLldwtPpY/9kVICZm22ySPC:iAnsLv4Q+R1A/oPpW9keom2gPC
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
732fd1d10e6296a803f34f138eafaa4a_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
jjj
kkk
xxx
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ