Behavioral task
behavioral1
Sample
04cfe2029c28b4d9f1d30b46872d0e72_JaffaCakes118.exe
Resource
win7-20240419-en
General
-
Target
04cfe2029c28b4d9f1d30b46872d0e72_JaffaCakes118
-
Size
8.6MB
-
MD5
04cfe2029c28b4d9f1d30b46872d0e72
-
SHA1
a2e0b498576666204900c681d350fb8f597e9cc9
-
SHA256
9403dc90d5494ca5685c87aeedc17898adab5725c2c1fcde7bc1143fb96ebb2a
-
SHA512
ff51d4a759d61b9aa53c14f66dc06843b529daff076d996706b3684f88f92ad3317f5ac466e98b507a66a57fb9d2fa9ab4abc7e020decc54d48428e7c5623d74
-
SSDEEP
98304:It6AVXghXDQySXyjaRIHK4IeLzwuh/6Bl:ItzCFQySCjCIRI4zwuhUl
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 04cfe2029c28b4d9f1d30b46872d0e72_JaffaCakes118
Files
-
04cfe2029c28b4d9f1d30b46872d0e72_JaffaCakes118.exe windows:4 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 8.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE