Behavioral task
behavioral1
Sample
e2bdbcf5a5dd07cc96eba93b42404abc_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
e2bdbcf5a5dd07cc96eba93b42404abc_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
e2bdbcf5a5dd07cc96eba93b42404abc_JaffaCakes118
-
Size
133KB
-
MD5
e2bdbcf5a5dd07cc96eba93b42404abc
-
SHA1
7b587c0cd1fd4fce5f6b7d0bc75827b102128960
-
SHA256
005c62748a72fbc07d24071a74b607322fd3a6e2005d27ebcc271a92d12fee60
-
SHA512
19a0bfc501f51a7f768ab96751a4a1ed3d4a89a171e7ba3e4fdb19f7561f53d8414dc5904ad5b275eec9aa05dbfa4cfca189e19507c4672c4087b9f13979a0b6
-
SSDEEP
3072:8nMgaWidBq7b1RM/Z+lRxzlaptaoLJ+10fx7aVMeqbQ1MipJqQ:+5idBob1Rm+LxxayARa2BQW6UQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e2bdbcf5a5dd07cc96eba93b42404abc_JaffaCakes118
Files
-
e2bdbcf5a5dd07cc96eba93b42404abc_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE