Behavioral task
behavioral1
Sample
ff3a02672149effa6689afaa085fa5fe_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ff3a02672149effa6689afaa085fa5fe_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
ff3a02672149effa6689afaa085fa5fe_JaffaCakes118
-
Size
3.0MB
-
MD5
ff3a02672149effa6689afaa085fa5fe
-
SHA1
c1a6e0de3e0bced093bf149d9b2f98579ea02b3a
-
SHA256
0e72a91521feec6563f3efcebb06dfaab40d334e576a1fb14397bbe7952e6721
-
SHA512
05db034a20dc3c0f30d2528f043ba57ed0d4e1530880bd30addb572a5e9906eb8d37f0a67292be0d2d4b90df0fd1d9636d6ed356e7b0b1cde2882a24e9fcfe22
-
SSDEEP
49152:xVNDUFmDI2v8ccPIWcakLHQK50ZEIrBLcakLvUcb5jacakLHQK50ZEIrBLcakLj:JDUFmDI2v8ccPIWcakLv02IrBLcakwcl
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff3a02672149effa6689afaa085fa5fe_JaffaCakes118
Files
-
ff3a02672149effa6689afaa085fa5fe_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE