Outt
Sett
Behavioral task
behavioral1
Sample
d428d61508580ab918673c0cf5ef8388_JaffaCakes118.dll
Resource
win7-20240903-en
Target
d428d61508580ab918673c0cf5ef8388_JaffaCakes118
Size
59KB
MD5
d428d61508580ab918673c0cf5ef8388
SHA1
6426ff9cdc2f9e33dff09c8826fb44e33031ba4e
SHA256
19f520310b6ec39ae4a94bed809585d9d609e97db39a1fedfc5fae13125359e5
SHA512
bb275920d8fae874276de4f38bd5fc3894a76e2d46797e5a7152557dec57ef905e6fb246c08f5a7377671d6c23c8791b1c77258344c48022ea46b19eb8b80ab0
SSDEEP
1536:Bm1NGJVGobEjzaAm7nwgW65fFjjVoH083rh:kX0VZyxmsb65fpjVN83rh
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
d428d61508580ab918673c0cf5ef8388_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ