Behavioral task
behavioral1
Sample
19a9a12896bf540f63a42e75b48534a2_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
19a9a12896bf540f63a42e75b48534a2_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
19a9a12896bf540f63a42e75b48534a2_JaffaCakes118
-
Size
385KB
-
MD5
19a9a12896bf540f63a42e75b48534a2
-
SHA1
aa92edabc827e8457682ae70ffd35ae75bd36632
-
SHA256
1984e5110c1821ab6efa9723b8ab8c3095e5983c1cfae137bbe3a6e4c842de55
-
SHA512
285ac437f57537443d7b08dc5cb18c52d2877c3288b7b55c3eb6e1a8b6b272547bb71c7272e757b60e8f7c49a0e96bb18585f2ae2a9c626c9722fc75d8f9ca46
-
SSDEEP
12288:h5F70FQnGsfbToXnu3W5V/OgyEj0HYtgiPqJMf61uZPvgeMPFqg7:hLm0GszMnycV/ngeZg
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 19a9a12896bf540f63a42e75b48534a2_JaffaCakes118
Files
-
19a9a12896bf540f63a42e75b48534a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 196KB - Virtual size: 196KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 176KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE