InitSQLConnect
SQLAlloc
SQLClose
SQLExecute
SQLFree
SQLQuery
Uninstall
Behavioral task
behavioral1
Sample
dec6827366152d704fa688a397d05c75_JaffaCakes118.dll
Resource
win7-20240903-en
Target
dec6827366152d704fa688a397d05c75_JaffaCakes118
Size
39KB
MD5
dec6827366152d704fa688a397d05c75
SHA1
897a36024861d2d5aa4ba23981aca189e51b7f6f
SHA256
564878bb9b8711d4efd193709cfcf0056ec1e620b541c4c48ce587d871c44265
SHA512
2cb77d338fe80137a7caa729d87049b9d12292c5c78260d118a0ca90b34d6a26811860227d2bfb0d6559d8c353df267480207c28cb169f6c0cf2a56f186bc319
SSDEEP
768:vspb3quW2gtOTNBJWRyO6ENhvgHTXYRdn9RClQB3U0++FdXl7a2:03iOTvYDgHKn9RCI3UQXl7a
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
dec6827366152d704fa688a397d05c75_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
InitSQLConnect
SQLAlloc
SQLClose
SQLExecute
SQLFree
SQLQuery
Uninstall
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.