Outt
Sett
Behavioral task
behavioral1
Sample
d252eaa43d3d81e92bbc7a679998e6ec_JaffaCakes118.dll
Resource
win7-20240903-en
Target
d252eaa43d3d81e92bbc7a679998e6ec_JaffaCakes118
Size
80KB
MD5
d252eaa43d3d81e92bbc7a679998e6ec
SHA1
444fa9117e9dde7696dd63193b9e577b5d777a92
SHA256
43929dd985e99021dd130ffcb0c596a5dfe4309b9ad5ffd5dec63eac0027df9a
SHA512
2b51e0fb4e55b41c85fd91969460da7319588480bb7e39ec8304784fa6cabe83fa0eefa55aed038c123b6ba08ee96171c6a9f26f8d96d8310e57e0de66366f7a
SSDEEP
1536:Bm1NGJVGeS7z9dPGmS2zhAnHSr3upFf/M1DCFzUUTud1:kX0V/Sn9dPQA4yr+pFs1DCCUTuj
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d252eaa43d3d81e92bbc7a679998e6ec_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ