GetPluginInfo
GetPluginResult
GetPluginRun
PluginFunc
PluginStop
Static task
static1
Behavioral task
behavioral1
Sample
b0acaddeb620745b9a12dfa6aeb98389_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b0acaddeb620745b9a12dfa6aeb98389_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
b0acaddeb620745b9a12dfa6aeb98389_JaffaCakes118
Size
31KB
MD5
b0acaddeb620745b9a12dfa6aeb98389
SHA1
57cf6f06b1876fa1a2481837e1c67098f6c4affd
SHA256
d74b7b8ec01378a22b9b2b59d3b26488478c27e8d8a2d7454a9e345d38dbe8e1
SHA512
f25c9cab5fe257a3fcd669ebf75f18e1d1adeb0b4d38bf091da1035108d49847e60efb012abf67e33ee72ac29c11b7547beb5d2d0372a811187f8b5ee97a8e73
SSDEEP
768:pWc6IEFRqpIbt/Grr83BE2RTCJnHWXpb4X0QD:ptEFQ6e/kBEF2Zb8l
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
Checks for missing Authenticode signature.
resource |
---|
b0acaddeb620745b9a12dfa6aeb98389_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
GetPluginInfo
GetPluginResult
GetPluginRun
PluginFunc
PluginStop
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE