Behavioral task
behavioral1
Sample
eda7af242f73ac558197f6563732128b_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
eda7af242f73ac558197f6563732128b_JaffaCakes118
-
Size
784KB
-
MD5
eda7af242f73ac558197f6563732128b
-
SHA1
a32d226b9070ad5c9a5ab6e6a573f93edb4280f5
-
SHA256
489c5ae0ec7883639eeaa099b1c988a4eb13cee616434c85ed52691a70ff81f0
-
SHA512
8ab623970e93073c5c660c54088c2d9ba51e0f13ec7e25e8d7a0ccdec4e427020e1d0ca68bb479e5a606934c182dd6ebe342d5ad1be5dc7a42cf71e23f346793
-
SSDEEP
12288:RJkN4C9ykFC3eLqylpoJHemKToErHn1qrkjAXtFpB8r0A9nA:ReN4C9ykw34q/HeocIkjmmR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eda7af242f73ac558197f6563732128b_JaffaCakes118
Files
-
eda7af242f73ac558197f6563732128b_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE