Behavioral task
behavioral1
Sample
0676023f0de50d5d004a9205438f2373_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0676023f0de50d5d004a9205438f2373_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
0676023f0de50d5d004a9205438f2373_JaffaCakes118
-
Size
332KB
-
MD5
0676023f0de50d5d004a9205438f2373
-
SHA1
1e490e64e3d106e2af8a5994c28d31f2287ad1b2
-
SHA256
6763746d986c36875141668759861e13be9d5ad9ce73f20ff564a004a556e7d6
-
SHA512
0513c5726e5be609d92ebfb9cfcd1bf246e0673ded29410d0c205696b5e3f6acb331f9f73549ec39ba5c567a716c4fbd1a96258574493aa40a1b48e4db001b96
-
SSDEEP
6144:gcM5DWnN6aAW/2kXz20ckY+NIMZKHuWXC0QgihpWXfC7+:rM5DSN6aAH0XNp7gGpWa7+
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0676023f0de50d5d004a9205438f2373_JaffaCakes118
Files
-
0676023f0de50d5d004a9205438f2373_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 424KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 193KB - Virtual size: 196KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 157KB - Virtual size: 195KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE