Outt
Sett
Behavioral task
behavioral1
Sample
fb8e032c15d4233b21c5d45593452826_JaffaCakes118.dll
Resource
win7-20240903-en
Target
fb8e032c15d4233b21c5d45593452826_JaffaCakes118
Size
70KB
MD5
fb8e032c15d4233b21c5d45593452826
SHA1
5b3fbeb32344517a1efa926ed6df0c6d2cb65c04
SHA256
0fce28e85fc0102cfa7b6c20406060ef298a1d833b782eeaa00156d9d934c541
SHA512
3ede8781030cbb8ab3709e675ca395f108ae124d1a9e0e82db2ff4d21fda3fa2dc0c537a3cde9cb218a4a9f118e58ff2441fa9dc1ec3a3517ad90318957f957a
SSDEEP
1536:HKvv9jeCw6l9n+Eu2Uk3Qkqd5/BAZjQRxNtyeqqrCKU0y4PSuvBzw:TSHu2UNaMN4xqxVP1Nw
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
fb8e032c15d4233b21c5d45593452826_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ