Behavioral task: behavioral1
Sample: fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118
Size: 136KB
MD5: fbd81db8ec3c46dc6093afbbdcaf9821
SHA1: efdb5c939d380c6172e7833b3e657f4e11a879cf
SHA256: f2c77d01cc9241f08a71c22e01a094783f0b18c8e0de502588af14c2344e0965
SHA512: 14ecea7782de415c5396253d2a1f6d592a9644713e8da1c4f06fb781d26ef7e3c37e96cf65335985570770b3e89eb52b73753eeb3cdc97f5f7d529d0efd2175a
SSDEEP: 3072:blN9RkkkkkkTLJ0YufKOpHuMSIzxJzef5V09629:5dkkkkkkZpOpHRSwrs5W629
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118
Files
fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 74KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE