Outt
Sett
Behavioral task
behavioral1
Sample
94d9c087483317f90f39f8d803201259_JaffaCakes118.dll
Resource
win7-20240705-en
Target
94d9c087483317f90f39f8d803201259_JaffaCakes118
Size
59KB
MD5
94d9c087483317f90f39f8d803201259
SHA1
eaa98bad0eb0d05350ec294e9213a6e3dba3624b
SHA256
2cc52ef6d4ae825b8c75783424d66ff3240adeb1ccdcfede036114c5cc0079d0
SHA512
74d9f7ef568bd4bba613148868d50e682c39a9bb67ba098f9ffcc4ff9f060274c64045f7f7008b2982256b2d3f2db8cb3bcf2d624961b28f6792c7a9ea58e482
SSDEEP
1536:GQ3tfgXKhMPwD2K0Q2d9Sfj5HQhrIQiiXfk1KUpztXyWlywE:VfgXKQwDhKSRQhrIQi6c5pztXy8/E
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
94d9c087483317f90f39f8d803201259_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ