Outt
Sett
Behavioral task
behavioral1
Sample
JaffaCakes118_40c05e4e17a800f67d194f0fe0cd556b.dll
Resource
win7-20240903-en
Target
JaffaCakes118_40c05e4e17a800f67d194f0fe0cd556b
Size
56KB
MD5
40c05e4e17a800f67d194f0fe0cd556b
SHA1
3715c9b1934414146388c617e65394afa82ec891
SHA256
d4f49ae46247ab74a0ce25054142248d1f2a9ea9e94f24c1a4d87c3c6cbc8079
SHA512
e75bf2a02d7807e33332fea0f146d8e020a0e4d19cff7a95a6a055bc93081f2dd1b1b441cd568f3448be40e3b641ec637c22ce8dce2617393d9474ee2473f5da
SSDEEP
768:9xBtKtqyLUkpLKq3LeOZ2mmlb6cE/pYgU7yg7d4rJtpyiDCu6THqx5ARanBullfE:96UmmlGlitFiJ3jWpTqkTlsKQ
Detects file using ACProtect software.
| resource | yara_rule |
|---|---|
| sample | acprotect |
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| JaffaCakes118_40c05e4e17a800f67d194f0fe0cd556b |
| unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Outt
Sett
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ