Outt
Sett
Behavioral task
behavioral1
Sample
bfefb4e233262e7df646538473dce872_JaffaCakes118.dll
Resource
win7-20240729-en
Target
bfefb4e233262e7df646538473dce872_JaffaCakes118
Size
73KB
MD5
bfefb4e233262e7df646538473dce872
SHA1
2a2fb2abcb7780804162437bcb4c2be6aada048d
SHA256
4083a4766507b89ec09eaebd6dbeacffc8e70b33be64d50d469aea90e06c23a6
SHA512
2c8a4a032da34c24dab29ef7140149ddcd098211d858cc28a858b62580afe8d7a1aaa02dcde57ec0c1b4adc6f1264775be18af1b6334e1161c8b2dfdb0704c51
SSDEEP
1536:EGmcC3Q2lJOZpWBAxn+xQWrt2xqX/tYSNI7PCZgIClUe:EGRWQmJmn+xhrNFXS7krCye
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
bfefb4e233262e7df646538473dce872_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ