Outt
Sett
Behavioral task
behavioral1
Sample
8659bb164046c26edec5dac327205f84_JaffaCakes118.dll
Resource
win7-20240704-en
Target
8659bb164046c26edec5dac327205f84_JaffaCakes118
Size
43KB
MD5
8659bb164046c26edec5dac327205f84
SHA1
af57a806422765fe199bb43491bb30c67ed46567
SHA256
ba088cecfcce2eac796308a3a08f83ad335f3351880a0785e1d88f1f3f4df9d1
SHA512
0596e5748cc1526bef0b6bc7418e77c7c01086266d49f6318a1d151feed8aa6ebd84c5ffac9c4be2a513d49a31d2cdad305aac2cf610d42128def93e4829dbb5
SSDEEP
768:nbY4lCUZhR0BgpH9HRzegYb4ONbzcUODEa8zsR/bkdqSsTFrNN5b8lg:EGCUZL0BOH9HRzQb4ONcZEzs9kdqSMrj
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
8659bb164046c26edec5dac327205f84_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ