Behavioral task
behavioral1
Sample
19e86a13e3791e4bda4fbbcd7c8dd50d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
19e86a13e3791e4bda4fbbcd7c8dd50d_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
19e86a13e3791e4bda4fbbcd7c8dd50d_JaffaCakes118
-
Size
212KB
-
MD5
19e86a13e3791e4bda4fbbcd7c8dd50d
-
SHA1
cfdc9e022d7b8a7e021b11bc483a955644c2b8b2
-
SHA256
0181bdf7530c3fff1b586199f488c517ae2702c2bbe2405476a750bcc376d724
-
SHA512
434def6ef5252f6d605e1bb51e0dfb80ef511ebe2fa8694969b3554fd1147c8c05ceb3fcfe902e10897daa9172db93012f22df1ec60fdb95f22845a5d07235d4
-
SSDEEP
6144:oZC4d3lbxc6wU/UP+XhdMRFD3LAwektzoSkuO:p4dMRU/UP4heFjLDFtzoSU
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 19e86a13e3791e4bda4fbbcd7c8dd50d_JaffaCakes118
Files
-
19e86a13e3791e4bda4fbbcd7c8dd50d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 268KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 195KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE