Behavioral task
behavioral1
Sample
184b9df49ce837a56d6d893cc1714794_JaffaCakes118.exe
Resource
win7-20240220-en
General
-
Target
184b9df49ce837a56d6d893cc1714794_JaffaCakes118
-
Size
403KB
-
MD5
184b9df49ce837a56d6d893cc1714794
-
SHA1
bca34692e07e2bb2a701eb702775fff90a061dee
-
SHA256
f202f3af4ca77f6ec5e5290bc5f7fde6d405306d02d5da3c81fbb404a63fafa0
-
SHA512
9fc76367b92fc1b3e577b7669a22cc5dc153c7721bfefb93e9bf12408907375a158343091bf0d584231de44969fea3f0d1e609b040924e97b44e3b14c9cefdfe
-
SSDEEP
6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBroh3:8IfBoDWoyFblU6hAJQnO9
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 184b9df49ce837a56d6d893cc1714794_JaffaCakes118
Files
-
184b9df49ce837a56d6d893cc1714794_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 6KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 225KB - Virtual size: 225KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HJSDRTRW Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ap0x Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE