Behavioral task
behavioral1
Sample
ed19e58bcf6f7d9da5c29b3f51e95a09_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ed19e58bcf6f7d9da5c29b3f51e95a09_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
ed19e58bcf6f7d9da5c29b3f51e95a09_JaffaCakes118
-
Size
133KB
-
MD5
ed19e58bcf6f7d9da5c29b3f51e95a09
-
SHA1
3ebd334f33000bc66d7e951d2f64e43001bb89d2
-
SHA256
43da1a04d7a6f7541344feaf660b0574c95d8bfc7f99214715360bfcc8fc2733
-
SHA512
cff3a0333e3e079cfac2520e41d075d333a99b3f0958aa4add12504018697086144e8d8440b3fd718c4a2f84afa4f1df7072fcee5fa87c796fd7fc5b1d40527e
-
SSDEEP
3072:wc6xRvaMaHjjL2Xr1nqE3YZQjh1AhYIuSoZQ:8wDGXtqE3YZESCITaQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ed19e58bcf6f7d9da5c29b3f51e95a09_JaffaCakes118
Files
-
ed19e58bcf6f7d9da5c29b3f51e95a09_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE