Behavioral task: behavioral1
Sample: 6ea63b19ab915004dbcdd897be2732ea_JaffaCakes118.exe
Resource: win7-20240215-en
General
Target: 6ea63b19ab915004dbcdd897be2732ea_JaffaCakes118
Size: 232KB
MD5: 6ea63b19ab915004dbcdd897be2732ea
SHA1: 0dfd7c640613bb5d0e6f9e65ea08ccb9be3d69bd
SHA256: 92a2ba7862cc023cf08fbe7c0d2f0f26db5ba277e2e4075df123fa96a61f0e9d
SHA512: 2316ff43980fe1814973cfd91f38d3f35ac8b141da9011ebfcadedb51c5aa4cec4b5fa589c38696a6d7002770fdb5d5c32cccdd7e1a3379b57dbd3400713c35c
SSDEEP: 6144:6jz6KSJDcvupfIuy/9i9UAKj2iwSJr6wY20tMPB/Ah1:ySGvBVoUiiwSJr6pJMPBi1
Malware Config
Signatures
Processes:
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: 6ea63b19ab915004dbcdd897be2732ea_JaffaCakes118
Files
6ea63b19ab915004dbcdd897be2732ea_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 216KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 114KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vkyqjzx Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rmnet Size: 86KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE