Outt
Sett
Behavioral task
behavioral1
Sample
eb1bd09e8b87b47038fe094033e177d1_JaffaCakes118.dll
Resource
win7-20240903-en
Target
eb1bd09e8b87b47038fe094033e177d1_JaffaCakes118
Size
59KB
MD5
eb1bd09e8b87b47038fe094033e177d1
SHA1
8ab877d6002eb6bc9021a5963ea128180bdc2da4
SHA256
00d5ed0018ba4d221a14281cbca87b5bfc0314713a3197445d48a3f6d469f216
SHA512
7eedb5b62c33190f6dcba31df40ae25cff63396fe425ac1e6931f2847616a4bbb5ecd42729ec426c1086d6d9b649069954dda02f58ba3fff448eed1857feca35
SSDEEP
768:nbY4lpP/lo/DNOY2q2dsshFzNyVAm2cxe8gUrWqpeNKvmABU3UZfG76kLF7ltCU:EGrKOY2hW/xXgFoeNKhU6fO6ctlUU
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
eb1bd09e8b87b47038fe094033e177d1_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ