Behavioral task
behavioral1
Sample
2e4a5ee417ff54e3bbaaddd2bc5253ae_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2e4a5ee417ff54e3bbaaddd2bc5253ae_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
2e4a5ee417ff54e3bbaaddd2bc5253ae_JaffaCakes118
-
Size
345KB
-
MD5
2e4a5ee417ff54e3bbaaddd2bc5253ae
-
SHA1
803626cc5e2550669ef109a467a41661fe006e03
-
SHA256
5cdc64c997b2fd0086756d61eb82c329f8d35d6d2d23d74e97ce219297454812
-
SHA512
9e6281d5d76786aa785522b07e484055f25bbc27d06b40f25c073c4b6cb9359432f64a89d3b644ab4999a78808709f2aa306fb17d10259a25d3d506eebb615a2
-
SSDEEP
6144:j6cWd7WQ5IHkEGPcnoSFCAXewOVYsFpDSXknKk7ihw2FBTO6XuvJ91Z8cn:mcXRnoSFC0rOisrSXknKkmO27DyJ91t
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 2e4a5ee417ff54e3bbaaddd2bc5253ae_JaffaCakes118
Files
-
2e4a5ee417ff54e3bbaaddd2bc5253ae_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 272KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 103KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE