Behavioral task
behavioral1
Sample
e926a90136b04dda9528372a91ac7ba7_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e926a90136b04dda9528372a91ac7ba7_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
e926a90136b04dda9528372a91ac7ba7_JaffaCakes118
-
Size
17KB
-
MD5
e926a90136b04dda9528372a91ac7ba7
-
SHA1
e10a017293772e72817780af209b4d1cf9f63dfb
-
SHA256
659817985c4b1b603d998988d22b785c5e79da43d1b1f52e104054084521b90f
-
SHA512
202ac44f2cdce78e97d48c8aea447a8ab7c4f0f4055ded22ccfdb6997010492f02891f02e9ea08f4cd2957b4a96ccb50f55bc5a0615682999ae176fad2351deb
-
SSDEEP
384:eWacOcKxGRziyg23V1cPW7UG+xaNJawcudoD7U4IkeASvVU:e6O5Wz6OLco5+knbcuyD7U4IkjI+
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e926a90136b04dda9528372a91ac7ba7_JaffaCakes118
Files
-
e926a90136b04dda9528372a91ac7ba7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE