Outt
Sett
Behavioral task
behavioral1
Sample
a408eb43539113175e8a13232106c62f_JaffaCakes118.dll
Resource
win7-20240704-en
Target
a408eb43539113175e8a13232106c62f_JaffaCakes118
Size
65KB
MD5
a408eb43539113175e8a13232106c62f
SHA1
f1be0b0834295cf31199de715619f7a00c0c104d
SHA256
dc321431a31a71f96c13897e567e8374b5f9ba482a504c46e3d0380550b1c7d3
SHA512
fb4d4537d0a441e685417f9a1693574490b397478e6393aec3e9ce3818792f76f0b85b61e9cf0d9ce08771115fc88b1a97d753d3384b37fe4414112e115715ee
SSDEEP
1536:1zExMwCGQ2j/F3fhLI+ikwwP67btA5LcA9YJGXQ9r21b4IJWD:1I+wCGvDdpL9iw75Lc4G3rgb4B
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a408eb43539113175e8a13232106c62f_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ