Behavioral task
behavioral1
Sample
ff32ba6868730fcf45b8e9d8315598b0_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ff32ba6868730fcf45b8e9d8315598b0_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
ff32ba6868730fcf45b8e9d8315598b0_JaffaCakes118
-
Size
1.5MB
-
MD5
ff32ba6868730fcf45b8e9d8315598b0
-
SHA1
d7486565e16b5975ef6469cfff47795d575b95d1
-
SHA256
3741d4aea2ab722f0ac27018766b9493401d20dbf74bfcbdd185d3c42c1ecccc
-
SHA512
d796764076c0ad3e34479dfcf5f9c61636b9eff6b93ac2eb996fcc2d962c8fe75b16f9fb2f922469f260efa043520f064c8a9b862adaab5f11710358880f9620
-
SSDEEP
24576:dO+xgKHcRKKeoqtPOUrrz4TPHod/h9MNzJXHapCN3cqd5W:wjKHcRKXfP7XAPHq/hK3KpCN3c8
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff32ba6868730fcf45b8e9d8315598b0_JaffaCakes118
Files
-
ff32ba6868730fcf45b8e9d8315598b0_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE