Outt
Sett
Behavioral task
behavioral1
Sample
bdd058f77788724bcd0397e3aedbe3c9_JaffaCakes118.dll
Resource
win7-20240704-en
Target
bdd058f77788724bcd0397e3aedbe3c9_JaffaCakes118
Size
78KB
MD5
bdd058f77788724bcd0397e3aedbe3c9
SHA1
0c3378182384e3e0c3c7c4d6bcc2d71bf23b358d
SHA256
92adfd900c73800d405b9399a9621adc400d180b2cb62894a4611ca3ebeda5a9
SHA512
8b673aa0380439956416c91dbe65cb6fdfb9e6d9d85b0e2defab7ee935e9211ea6232883ea1b29929a7e539bc1f683eb082e6342bf09ba9dffca97e9d09e7ab7
SSDEEP
1536:MhBRVgrExucMZoobx+KlbwTTWnl75Pisw3TJYVpWVoOTn3mBSE+8m4He8pOkdWb:cRRsxoiyWl75aswjJd6enW5+R6HJdWb
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
bdd058f77788724bcd0397e3aedbe3c9_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ