Outt
Sett
Behavioral task
behavioral1
Sample
4481ab14b76f1cd6806c9fcd5f6208c8_JaffaCakes118.dll
Resource
win7-20240903-en
Target
4481ab14b76f1cd6806c9fcd5f6208c8_JaffaCakes118
Size
47KB
MD5
4481ab14b76f1cd6806c9fcd5f6208c8
SHA1
1fbfc9f55e7eb7636a8062eda44f663e628888f7
SHA256
cb021ffe95da5b6e4dce907526669d1d4f9cfe1d3e41ffe492dd62d96217d43d
SHA512
1f5a54277de91253fa830e7d9ce0512c39bcb9533212542df118e79ed44665df5db088a448230899c2c4d7f5d765882c2b7f58ece736276132638437497a0ea0
SSDEEP
768:yuUr3ip/IHI7NQTv9eVhLob7/a+W89Zr5wXwoVVjBdpEyFoT4wmNOI+RGr1LJ:yl3E0TINob7ya338DdnFoT0d9
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
4481ab14b76f1cd6806c9fcd5f6208c8_JaffaCakes118 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ