Behavioral task
behavioral1
Sample
ece22edeb630f6ea780e2ddc01fa0005_JaffaCakes118.exe
Resource
win7-20240221-en
General
Target
ece22edeb630f6ea780e2ddc01fa0005_JaffaCakes118
Size
423KB
MD5
ece22edeb630f6ea780e2ddc01fa0005
SHA1
1804adb8a736799c0d8c3b9556335b19c7d83ebb
SHA256
43ed2b2e7cea9419473cdb249f29f9d5d340c955046e9ccfd4506a9ea9bcb60c
SHA512
0c0291723dfdd0645c3a0d8ebb95cb4b3b71468e258d3ff95e4864db1afba8f8db99ff11e2a08e3e97b597ce51dd004132df6f44bbcefd2b89be1a2dfd6d1a3f
SSDEEP
12288:ClghoSqaNJ/Jj0rvipd0ysnewRU16PUAQ9muZ:Qg2aNb0rqkyWO1mU58A
Malware Config
Signatures
Processes:
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource ece22edeb630f6ea780e2ddc01fa0005_JaffaCakes118
Files
ece22edeb630f6ea780e2ddc01fa0005_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE