Outt
Sett
Behavioral task
behavioral1
Sample
cf9aefbdfa62c6973888ae94556633bc_JaffaCakes118.dll
Resource
win7-20240708-en
Target
cf9aefbdfa62c6973888ae94556633bc_JaffaCakes118
Size
65KB
MD5
cf9aefbdfa62c6973888ae94556633bc
SHA1
1eb93034951c672fab277479d4947825d90115a6
SHA256
4f4daa23bac25b721de5722f0d751df7dd079e7418b5c2acdc0dc35461518111
SHA512
0bc4074d8ce3dac2d503871276e5659d144910d67c232c0a71c285e84fa45bfc9aae74417d02935cd11a74278e8d56242ade9e15a82708f6532a945607713f44
SSDEEP
1536:yl3E0Tw3NFCefACsO9ywMPJrhwMt1fJ5vH6X:E39U+mhsRwermM/aX
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
cf9aefbdfa62c6973888ae94556633bc_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ