Behavioral task
behavioral1
Sample
a71d8dd7e6680716b883f8df2381a828_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
a71d8dd7e6680716b883f8df2381a828_JaffaCakes118
-
Size
4.7MB
-
MD5
a71d8dd7e6680716b883f8df2381a828
-
SHA1
bbc34fc84a8e9f5a31e0f4ab9a0dd7036535d256
-
SHA256
205ccdf66bd9c7092e54b658256a82b590317160bc928581840ebdb942bd23e5
-
SHA512
fc0b0146315b2fa3f55f2710e31b5db8106e9090b79e2849d53ead474bacd43cac0a6fc1609934ca8a23a301c80b39671d4158aeb4e5ed1313f8dce87dc0d61b
-
SSDEEP
98304:hjJP7a4N6UTDwmK6MiCRMxc5jXzIUJLKnsgTPgN+9zTha4YilLmzJoF:BJW4snP6ZOMW8UKfUN+RThMKLHF
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a71d8dd7e6680716b883f8df2381a828_JaffaCakes118
Files
-
a71d8dd7e6680716b883f8df2381a828_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 9.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512KB - Virtual size: 512KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE