Outt
Sett
Behavioral task
behavioral1
Sample
a7ade67f205425240c9079b2f7646dbb_JaffaCakes118.dll
Resource
win7-20240704-en
Target
a7ade67f205425240c9079b2f7646dbb_JaffaCakes118
Size
57KB
MD5
a7ade67f205425240c9079b2f7646dbb
SHA1
bf5aa13f5dcd397f64b2500b5891c843225ead9b
SHA256
890733ee6569b5ef8d70fe5dcd5d2a485a2877b745d8f4c26be0a2abdc6683a4
SHA512
57aea132a8275d6a2b9cd7b0412083f038ab98b824e6e30aba46da1d570c608e3edaa5d709fa083bac9145b55e7f698403bedf43867deaffab9523c4485f0586
SSDEEP
1536:RVj7rMwHXwc30VQQplG/g4fldguh7hEJjqDhu:TvrlwK0VNG/gSdBpORqA
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
a7ade67f205425240c9079b2f7646dbb_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ