Outt
Sett
Behavioral task
behavioral1
Sample
a7078fd5f34cd0c5651c571171558497_JaffaCakes118.dll
Resource
win7-20240705-en
Target
a7078fd5f34cd0c5651c571171558497_JaffaCakes118
Size
73KB
MD5
a7078fd5f34cd0c5651c571171558497
SHA1
a1465db21b4c1abb4d042ef16b21240b2da6276f
SHA256
f47c896cf782a06524561fd926766104a69741a421f26149a121312133b309e5
SHA512
2a1cb1b713894abe7d4acd10fb3932724698c5eb12a0aadb4092d130e54494033a03cbd791e6d3cad31a8850034d1bc62341694762d31eeedde397f37b4c32c0
SSDEEP
1536:Bm1NGJVG6JvN0/I0rd9k+PtjYbgcmWXSa/p79SYkc8SiC8/mGsQ:kX0V90wo9k5ggXNrSYpiLFsQ
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a7078fd5f34cd0c5651c571171558497_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ