Behavioral task
behavioral1
Sample
e9daf89ba79b68819de9ebd2a8bde3ca_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
e9daf89ba79b68819de9ebd2a8bde3ca_JaffaCakes118
-
Size
161KB
-
MD5
e9daf89ba79b68819de9ebd2a8bde3ca
-
SHA1
5f6a4c73677e741a21bea9d58125e98a14231613
-
SHA256
5be7c8fc44c39008ea53591bfd355b3bb4d313df1a9664def041bcd97d2985c9
-
SHA512
69042a6ad36ddf229b36d11e4ecd8220b7035bae8f47d7a2b2c1e8d25359fcf41ad5be9c420290220d80dea335d156a03b2425aea3e4b2a21a3a74fd9de77348
-
SSDEEP
3072:ETUtZpaaUJ7FlxTTUXdu/6NIqjRcNQlUUgUS0a:IcpavHIfNXbGUXS0a
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e9daf89ba79b68819de9ebd2a8bde3ca_JaffaCakes118
Files
-
e9daf89ba79b68819de9ebd2a8bde3ca_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 112KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 65KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 94KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
shjevhm Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE