Outt
Sett
Behavioral task
behavioral1
Sample
bcafc08947bbb2c9f074be7f654f0d87_JaffaCakes118.dll
Resource
win7-20240704-en
Target
bcafc08947bbb2c9f074be7f654f0d87_JaffaCakes118
Size
63KB
MD5
bcafc08947bbb2c9f074be7f654f0d87
SHA1
6b9062125e91dcc0ed9c4f2fc923ff4140102269
SHA256
fc19ed47ae20966e5e5b8bf55a14423f323f9d859f6a56a26b3fee742feedbc8
SHA512
af8879c43372c53728ee3574b85a7260c927852b677b4b3198c4d6490bf57f0b9f8b4af0ac97a50bdec2da6bcf11b59f5d86ec129f9992ba0e5c887631d2b4c4
SSDEEP
1536:agF0eiyUcbNKIbf3RidfQcJimaJXsuDBlZSges:t2yFBKIbfhiJBvudlZF
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
bcafc08947bbb2c9f074be7f654f0d87_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ