Behavioral task
behavioral1
Sample
436c9436f32606d8b067bb3de289fc67_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
436c9436f32606d8b067bb3de289fc67_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
-
Target
436c9436f32606d8b067bb3de289fc67_JaffaCakes118.exe
-
Size
330KB
-
MD5
436c9436f32606d8b067bb3de289fc67
-
SHA1
3756c923489361a912bb95dbce6a365b73a9486e
-
SHA256
be7a4c8f426911c2631d095c878d7431e661348e40c03b43495bf4a4f0714d76
-
SHA512
af8e936ae5b19e0d53abd87466ca6427d9b74846f43993e2e32f53c1a81c8aae361a67f878741f452a76981a4385f9712e4555fa8151159eb4713d2b6536e742
-
SSDEEP
6144:wHpQSo1EZGtKgZGtK/CAIuZAIupQSo1EZGtKgZGtK/CAIuZAIuG:sQtyZGtKgZGtK/CAIuZAIupQtyZGtKgb
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 436c9436f32606d8b067bb3de289fc67_JaffaCakes118.exe
Files
-
436c9436f32606d8b067bb3de289fc67_JaffaCakes118.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE