Behavioral task
behavioral1
Sample
f3ab52a8c05263acf1fca3dd2b21ab62_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
f3ab52a8c05263acf1fca3dd2b21ab62_JaffaCakes118
-
Size
1.5MB
-
MD5
f3ab52a8c05263acf1fca3dd2b21ab62
-
SHA1
3988994c8d4e540992109c5e4ef21a292e12fed2
-
SHA256
b960a9830e6aefee3de7636d482bf44805177f210349289baf38205586d23b5d
-
SHA512
f4a6924c038e065b86a26f458810208eedfe19599a982a36b88d5c07f359c01392a98f35e61460dcadd60e190a038db2abdcd9a905d29fd66b248596356737e6
-
SSDEEP
49152:c0gSktK0cRuGUp6GdxbuIF8BlajxpWjLB+:TDKBc1Up6GaswfB
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f3ab52a8c05263acf1fca3dd2b21ab62_JaffaCakes118
Files
-
f3ab52a8c05263acf1fca3dd2b21ab62_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE