Outt
Sett
Behavioral task
behavioral1
Sample
138e1c3305ac8d6989a19bb8a2deb00d_JaffaCakes118.dll
Resource
win7-20240708-en
Target
138e1c3305ac8d6989a19bb8a2deb00d_JaffaCakes118
Size
56KB
MD5
138e1c3305ac8d6989a19bb8a2deb00d
SHA1
0ec0f0078a5e642f69120ff72d1544e0dd399e10
SHA256
e5254ebe19a1cae87ad7c3a3a881727383aa5b91e883578024aaf40040ca012c
SHA512
8cc451cc072ac054bb67fb70f2046dd3ebe3bda3a4da67b390ea2777357167781e573453683579070864b35d6efb14ca311e31aa3215bd406bc448ae6b553039
SSDEEP
1536:OBRVgrExucMnCpPSbKhFqbwDHc4MpIO9413sc:ERRs9SKuhbT5MGO9o3L
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
138e1c3305ac8d6989a19bb8a2deb00d_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ