Behavioral task
behavioral1
Sample
fa274ebd3262cf3f0638e111a37412cf_JaffaCakes118.exe
Resource
win7-20240220-en
General
-
Target
fa274ebd3262cf3f0638e111a37412cf_JaffaCakes118
-
Size
474KB
-
MD5
fa274ebd3262cf3f0638e111a37412cf
-
SHA1
0a9d0b776d32fed3ec4ef7301cc2ef54517608bb
-
SHA256
8cc83aab8c312f410d651883a721cc064be4b8d88070aedbaaa4952fb47b6550
-
SHA512
90634c4104d9d42c812ecaaaf241d6597d5f8da9fa1056a4e0a787bfbffee9a98ee528a640bea5e91fde0b87fedca180651b09823f8aca4c413f43e1f3a9eef6
-
SSDEEP
12288:JrUNl8fJEu2qz4fJgezdeAN4Zp13UvWoS:JrUNY2xRZpeASV3
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa274ebd3262cf3f0638e111a37412cf_JaffaCakes118
Files
-
fa274ebd3262cf3f0638e111a37412cf_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 248KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 472KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE