InstallU
PluginCommand
PluginMain
PluginName
PluginType
PluginVersion
WSPStartup
Behavioral task
behavioral1
Sample
d174b80c6aa2efd74de446533270b6de_JaffaCakes118.dll
Resource
win7-20240708-en
Target
d174b80c6aa2efd74de446533270b6de_JaffaCakes118
Size
98KB
MD5
d174b80c6aa2efd74de446533270b6de
SHA1
b0dffab6965c8d584447f368988751a25f32d2a9
SHA256
3ae4896c58b3a395eb17952028f1dd2ce9ebe1c6c65819466c33d2bdf51e7195
SHA512
04afb9b0cb908200a22523a46cb8ea2f525573e3fb6d89c3a15e2fc62bd6d588e5714fe0c6bdf2b74b91fb0b3b7fd9458f84f15b7003edced7ebdfe623710345
SSDEEP
3072:RoTywKVnuASLEX2j2ZcDJ33YG891rILGi:RXGjGcDtp89BIL
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d174b80c6aa2efd74de446533270b6de_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
InstallU
PluginCommand
PluginMain
PluginName
PluginType
PluginVersion
WSPStartup
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ