Outt
Sett
Behavioral task
behavioral1
Sample
ce2bfffca79d0d9af212d999d0e2fa76_JaffaCakes118.dll
Resource
win7-20240903-en
Target
ce2bfffca79d0d9af212d999d0e2fa76_JaffaCakes118
Size
47KB
MD5
ce2bfffca79d0d9af212d999d0e2fa76
SHA1
50e3d74bee53864213d771386cdc8eaafc0fe247
SHA256
0e0aa0bfb04c27ff19ad168e7558469a57889b0fcc33ebb8577ae9a542104643
SHA512
a39650a3c148f514bee21c2565eb90ebc899d3b139cf9e63ae688dae99e91c8bcf83672e535c34046ea097d85757a5aa495fb9b9fd3e966293067a2a951064a3
SSDEEP
768:nbY4lSUy0Q6ixZ9jXGR0phWy/5EiIa0dE0F2AY2Vl0KMZLCB0fiW3bQbJdypfgX:EGDxQ6iPVGR0phWyOWs17zMociq+sy
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
ce2bfffca79d0d9af212d999d0e2fa76_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ