Behavioral task
behavioral1
Sample
0e4ef23f767d35585ddf40244a902c45_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0e4ef23f767d35585ddf40244a902c45_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
0e4ef23f767d35585ddf40244a902c45_JaffaCakes118
-
Size
341KB
-
MD5
0e4ef23f767d35585ddf40244a902c45
-
SHA1
b7a6db34aea1092da126e1cfb0304e50d36a2a6b
-
SHA256
d07e960eb09cbb303806fc7b49875cb04d7c00e22d3ad0077c76d2932d060973
-
SHA512
7fb0844ea9138528aac1b3cad5fef1154fbd88502f043d0cb4db5eac9e35f892050bac7e7b1cb9fbdc6c44e07fcf1a39c4cd41390cfca7c54717a4ed1a4d950d
-
SSDEEP
6144:DtOWnVtnZO9fuwaJ6rzWnS4WR3xZMt6/MTN8kQpu01c7vS8sUhoj6sPbraaC:pRnLc9WwaJsKS4axSKMR8kbQ/3jeh
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e4ef23f767d35585ddf40244a902c45_JaffaCakes118
Files
-
0e4ef23f767d35585ddf40244a902c45_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 564KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 503KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE