fff
mmm
sss
Behavioral task
behavioral1
Sample
da3682c40632311e85b4d0ecaaf1cff0_JaffaCakes118.dll
Resource
win7-20240903-en
Target
da3682c40632311e85b4d0ecaaf1cff0_JaffaCakes118
Size
13KB
MD5
da3682c40632311e85b4d0ecaaf1cff0
SHA1
7309a56c418f53d99c4e2c5df53e82013ea64602
SHA256
c8ec1673cde04a7ffd47cd0f006a5e6747bfb9088a67677586fc84797458d1b1
SHA512
ab0c81cdfb4ddea8a4cbe55444f95f9f7f49bba406b1b21a8f1cdb1fe240245de6de2bb78e7dfd9ee33d2af9b1a18a016628647db6dcd36ecdc6f1acc5c112e3
SSDEEP
384:wiZbzQAJRSFQ0eZdGAQ7VaNJawcudoD7U:w4QIkQHZdg7InbcuyD7U
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
da3682c40632311e85b4d0ecaaf1cff0_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
fff
mmm
sss
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE