Outt
Sett
Behavioral task
behavioral1
Sample
d3b5c690f825fcae30c02dd19b00207c_JaffaCakes118.dll
Resource
win7-20240903-en
Target
d3b5c690f825fcae30c02dd19b00207c_JaffaCakes118
Size
55KB
MD5
d3b5c690f825fcae30c02dd19b00207c
SHA1
456e2e4b706f028d4251b75f98ba30b6d908c161
SHA256
4d38d637bfe81409d425b10a8ad0b67eb6645947d46ddc309e225f853e0bef6d
SHA512
00587e45b26b3c5fcdafd2420dca437699eac9a3884d5300d9531703fa8feecde6c114856e467c515e34bc587baeffd0fb2b3a2b210c8ba8f21d6a6de1d5f488
SSDEEP
1536:1zExMwCGQ2jCOce2MKFOd1+KgeYv+PK7ekbZ84D:1I+wCGvHce2lO/DYWq3Z84D
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d3b5c690f825fcae30c02dd19b00207c_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ