HashRecord0
HashRecord1
HashRecord2
HashRecord3
HashRecord4
HashRecord5
HashRecord6
Static task
static1
Behavioral task
behavioral1
Sample
5248049e1305cb1e3992f3fa82b11531_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5248049e1305cb1e3992f3fa82b11531_JaffaCakes118.dll
Resource
win10v2004-20241007-en
Target
5248049e1305cb1e3992f3fa82b11531_JaffaCakes118
Size
13KB
MD5
5248049e1305cb1e3992f3fa82b11531
SHA1
ccb3f8ee74a176e298b0a86e58cc465c3eb59037
SHA256
ae33e5ee6182ce3ce92903f889d3e16531d845f0a44b7d3f78f656fdd7a8c664
SHA512
cc4d6e013b0381719ad6eb4678cad97ee153a7aa78eab7a55f5728733178a7b34e18ae9ad4cd8b89ed82d3efa2101c6c31fb68037f9aaa03a3e5ed02539e98c8
SSDEEP
384:R1Qea7IZaAjZj4PEdYZ3ApFRVrjevjvhzUqnc/:q7IR5Az4FRZAvhs/
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
Checks for missing Authenticode signature.
resource |
---|
5248049e1305cb1e3992f3fa82b11531_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
HashRecord0
HashRecord1
HashRecord2
HashRecord3
HashRecord4
HashRecord5
HashRecord6
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE