F1122
Kicks
Lake
Yoke
Zeke
Behavioral task
behavioral1
Sample
f4e4a495483be5971017becb0f670c28_JaffaCakes118.dll
Resource
win7-20240903-en
Target
f4e4a495483be5971017becb0f670c28_JaffaCakes118
Size
178KB
MD5
f4e4a495483be5971017becb0f670c28
SHA1
fdcc13be0a7e281a4eb55d881abe992560056878
SHA256
e33aacb7d415fb7e74faccd5b7355c6ae1bd7ab4fb5ac1acec13ed14bfcae77d
SHA512
bd056eadfa6a2d03d72abf0b3ef6d7663a064b943aa71dfd2229af510ec9f786c81406527223cdc42866c2fe4be8d4fe2b066c5584da91d08c9d0fa18b455230
SSDEEP
3072:XlLYPehIkKKSAO0DpjjfUSSGJ76aTbNqLqXIuGMAHG/c6gQ+q9luFfTVcoutQU9:1LrIFKhOKpjASSm7tt1GMAMDeTeoSn
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
f4e4a495483be5971017becb0f670c28_JaffaCakes118 |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
F1122
Kicks
Lake
Yoke
Zeke
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE