Behavioral task
behavioral1
Sample
238e9d90cd72270473a2b23f68839774_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
238e9d90cd72270473a2b23f68839774_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Errors
General
-
Target
238e9d90cd72270473a2b23f68839774_JaffaCakes118
-
Size
100KB
-
MD5
238e9d90cd72270473a2b23f68839774
-
SHA1
996a203d5a98758e5cde3abf19aee9c36223623b
-
SHA256
365626c4733fffc9e794d804d9910fbff979935f4a5f42beb50d8c0018729066
-
SHA512
236b773b4a7af99cb635613ea70ece970f26954e38ff0d758458d373bb7e497416e293051c417574e6b9c4e590924de4f9bfd3474b030aa84a7909e5c0a1f9f2
-
SSDEEP
3072:oVSk8eNW2ZyKTKbxy2FBB3Z73eIRZwfJnzm:GSkBW2EKTKbxfBpZ7SfBm
Malware Config
Signatures
-
Trickbot family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 238e9d90cd72270473a2b23f68839774_JaffaCakes118
Files
-
238e9d90cd72270473a2b23f68839774_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ