Outt
Sett
Behavioral task
behavioral1
Sample
a4b0ccc8c644a69d754fbb3effa2c5d0_JaffaCakes118.dll
Resource
win7-20240705-en
Target
a4b0ccc8c644a69d754fbb3effa2c5d0_JaffaCakes118
Size
66KB
MD5
a4b0ccc8c644a69d754fbb3effa2c5d0
SHA1
5ce7b3904d992759b51a6d8fafb72fc6688846fb
SHA256
fb86a307ae7ae06d44506ca4fe3ba16ac53f3a77668b1e38c2cdbcb3f21645d2
SHA512
b77efa7751adcd588e3a236f02bee02963b28048f89db27c880dc3a4c35afce73c83c8cc4e98d200bb2a184c392fa0b39aaa95d2097dee9bb471ee7a2986d7b6
SSDEEP
1536:92sKEAytkOvd8r2V2Wwc+tNgikmuwmNYTTAS/1Q:N1I2V2ptmxvYz1Q
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a4b0ccc8c644a69d754fbb3effa2c5d0_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ