Outt
Sett
Behavioral task
behavioral1
Sample
af4c9842f53015190384e5ba1bc6882b_JaffaCakes118.dll
Resource
win7-20240704-en
Target
af4c9842f53015190384e5ba1bc6882b_JaffaCakes118
Size
60KB
MD5
af4c9842f53015190384e5ba1bc6882b
SHA1
e0248608b5ba52d76dfd0a0bc3590188dc437207
SHA256
813d340d759f022d8d949cb2b525c45f354b39dbac4ba697fde8d02cf036e2e2
SHA512
92975439eb865bef43e0307c555140c521c8bbe29ceef984ecdc7f9b010394e73e1ea7c3307f96bbacd0e28a400f465c5a66a4ccbcbb54c8f6e71d9f47647c60
SSDEEP
1536:MhBRVgrExucM1xu4QpKdfZO+O2Z4DdI966wSt+XDoZ:cRRsluRpKLOfDdI96VGuY
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
af4c9842f53015190384e5ba1bc6882b_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ