Outt
Sett
Behavioral task
behavioral1
Sample
897b44d657ffcd716ac798f084f86f11_JaffaCakes118.dll
Resource
win7-20240708-en
Target
897b44d657ffcd716ac798f084f86f11_JaffaCakes118
Size
50KB
MD5
897b44d657ffcd716ac798f084f86f11
SHA1
4849aea167e155ef7e39796e0fe8088dfd9d0671
SHA256
2e07221227b839b9b0b09165c03d30036efd540eebc148c8f84c340488dd36e5
SHA512
787d4de6c345d52ea8ccfb90d702dd8bf8750c8b9677f331767265e627132e57881569795acb5cbf3809eef41d9872dff165185c0e5ec215bd85421d11bb2316
SSDEEP
768:nbY4lSSIy00qDaM3RWjR5+9zQC1TH5rtXzxEHI4AE6+YBzW3fg:EGqZcCRIR5+931PyoZtzlwg
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
897b44d657ffcd716ac798f084f86f11_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ