Behavioral task
behavioral1
Sample
f8d627192a9eda7a065271b676c061a2_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f8d627192a9eda7a065271b676c061a2_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f8d627192a9eda7a065271b676c061a2_JaffaCakes118
-
Size
3.9MB
-
MD5
f8d627192a9eda7a065271b676c061a2
-
SHA1
98a922c88e0a34a97b9fcf3522fd34b85c7e535d
-
SHA256
a7ee7805ce928cd3482328ac4085cd73dff269b58dedf76637e7e3b40a37a676
-
SHA512
b9f34b6dbf888ccbab5ae0cd75791d3c9d0162345ebd8558f6d69f9cd7b7300b0eb7e147cd3dd85b4a961022b048cc56942f8b8d625c7c7dd29feacc411f6e4c
-
SSDEEP
98304:VavtarUSP4LtnyvdPJ7EFkxcOSP4Ltnx+UTcUuSP4LtnyvdPJ7EFkxcOSP4Ltn:VKtarzBVPJAFWct1URBVPJAFWct
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f8d627192a9eda7a065271b676c061a2_JaffaCakes118
Files
-
f8d627192a9eda7a065271b676c061a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE