ChangeMe
GetFileVersion
OutPutText
RegisLongers
Behavioral task
behavioral1
Sample
f705e7617e6b14212152a5e80806610d_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f705e7617e6b14212152a5e80806610d_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Target
f705e7617e6b14212152a5e80806610d_JaffaCakes118
Size
521KB
MD5
f705e7617e6b14212152a5e80806610d
SHA1
e6542d2827c611bc6583b0c3f626f2cafa86ee59
SHA256
3e3a51c48d448c193516be02718b9a8f0e3f5474839de5409ccb67b90e9f4f6e
SHA512
bf61c2e69bfa85f00bdab2c9a21032f4a6d04d51ee3f3423b3811138ee6f97b5787a66a2941c192a72a132b4c82b7158e8ef761654ce024aca6cac3afc768172
SSDEEP
12288:04JE0t+khqGj9PRjEhb6YmZLAoWlZGEiXIgbz8iOGa0EQ2jHSb:F2zkokDW6DZ2lkXZbBOGa0j2jHSb
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
resource |
---|
f705e7617e6b14212152a5e80806610d_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
ChangeMe
GetFileVersion
OutPutText
RegisLongers
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE