Outt
Sett
Behavioral task
behavioral1
Sample
d2e72b64d70a52768dee7c1e54544e71_JaffaCakes118.dll
Resource
win7-20240903-en
Target
d2e72b64d70a52768dee7c1e54544e71_JaffaCakes118
Size
55KB
MD5
d2e72b64d70a52768dee7c1e54544e71
SHA1
8da10c506873ef2498297788561a8b234db520ae
SHA256
4ec393d66ed57950e104e6c01a127e4a1d8d8abd59bd7e20ef7a713e09f385c5
SHA512
f00abd77d6156cebba57abce96c8e4688eff9470622d6ad8bcb99106f3c3d48059eb851028d7fa6c42c254628ea522b71b176a0b5c5f7fcee4abca8f63871c59
SSDEEP
768:yuUr3ip/IHI7NQTv766Cq3xKqsabSsxWY3K4JwtIS+t3FgwpGvnJrpSq8qXPj:yl3E0TmgQqPJjn18JYqrXL
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d2e72b64d70a52768dee7c1e54544e71_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ