Outt
Sett
Behavioral task
behavioral1
Sample
a3be4ffa1d9ba941e85e3bea47e12b67_JaffaCakes118.dll
Resource
win7-20240708-en
Target
a3be4ffa1d9ba941e85e3bea47e12b67_JaffaCakes118
Size
60KB
MD5
a3be4ffa1d9ba941e85e3bea47e12b67
SHA1
096c9f49317c2156dbe75f4145d1375e812abaa1
SHA256
e56496db222d956e160a4e4665c677e4260b7229397989f3356a41eb803cb1fe
SHA512
92cbd81e498c36e3e24428d46d9d3e4ee0ae8dad0c8936566a9c4f92ac6f82c62297647b987a9df5801cce1308c56117b7df90a1e4a4d17e4c4455c5e6beacec
SSDEEP
768:9xBtKtqyLUTz4TMLSoYmTrWNVpOBH4q4y/FqnYxby2RHL9dAIZoAQibPLBgaQAXk:9dk4imKYH4WxbyYrXtoAbiaQUCOm
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a3be4ffa1d9ba941e85e3bea47e12b67_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ