Outt
Sett
Behavioral task
behavioral1
Sample
85f5fd81c9f9f7f625afb5fd5972dc51_JaffaCakes118.dll
Resource
win7-20240708-en
Target
85f5fd81c9f9f7f625afb5fd5972dc51_JaffaCakes118
Size
69KB
MD5
85f5fd81c9f9f7f625afb5fd5972dc51
SHA1
f31ffe45f2136c139e0ce5f09e68cf6d4afb49d7
SHA256
1ae8f9dc996906e6464e9eb026ee61b7211bde19433f12af9b8b864a0de8714a
SHA512
cd8e8ba60d707b6371745f65ffed288d21e4a6cfb407aebeff54bb17868e374fb368569d79329fa314bb31953f8a36548d92d627701f8c3827ff16c3c3a083b2
SSDEEP
1536:yl3E0TOl6iHM7B8GdtDWP6VuhDduF8p1fMqwt7quwN2jJ:E396TMukDW6Vqwm1KwN2jJ
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
85f5fd81c9f9f7f625afb5fd5972dc51_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ