Behavioral task
behavioral1
Sample
f4db217f5e4f6879125aa413a754c59a_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f4db217f5e4f6879125aa413a754c59a_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f4db217f5e4f6879125aa413a754c59a_JaffaCakes118
-
Size
25KB
-
MD5
f4db217f5e4f6879125aa413a754c59a
-
SHA1
fd3709aeb49f31645b012cc6c10763ec79a4dd5e
-
SHA256
b5d4d3754e892919f46c97e4cd6fcf57682e54e79417b20b924ff62da106d88c
-
SHA512
6258192282d4562c7fdfb1d34b7d2cd2cf5d49ef15824a5f6a0fbac78e29867f55f19e203fb29b31c9987427c02b3b839a13e1a82654d3d192ab11c68a9ba672
-
SSDEEP
192:URbmMPghgAw4ojcspa95W7IUV4inYsZCqsVhj:kjAw4NV95W7IUV4inRZCqsVN
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f4db217f5e4f6879125aa413a754c59a_JaffaCakes118
Files
-
f4db217f5e4f6879125aa413a754c59a_JaffaCakes118.exe windows:4 windows x86 arch:x86
d7e53ac3ef97b76a5e7e37939e55d719
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm50
DllFunctionCall
__vbaExceptHandler
ProcCallEngine
Sections
UPX0 Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.avc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE