Outt
Sett
Behavioral task
behavioral1
Sample
0459085494b1c5ce007eb82132faa34c_JaffaCakes118.dll
Resource
win7-20240903-en
Target
0459085494b1c5ce007eb82132faa34c_JaffaCakes118
Size
57KB
MD5
0459085494b1c5ce007eb82132faa34c
SHA1
c4285ced60043b0aac2bc48a152655f9cfe0adf0
SHA256
b741b180b0beca5124dbddea7b08cd3b02d602426917357eb270cd1a4d92e0be
SHA512
2be6a8a2c28fac0382fb1fdf5f1a47cb74d9ffe21d3018e74bec0a6f6b5047ce44a65847cb75807fad1fd01dbc116b14cc7f071e5c0e3b7f8c4ca9abc6c2d4b2
SSDEEP
1536:e6PViKgShvoSLdMSQKg35eZpOW/ePs7ISFtS:RViKV2SLdsKe5cpTIs73FtS
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
0459085494b1c5ce007eb82132faa34c_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ