Behavioral task
behavioral1
Sample
1b31c666c7c9856ef5c2645c5e5b1d8b_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1b31c666c7c9856ef5c2645c5e5b1d8b_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
1b31c666c7c9856ef5c2645c5e5b1d8b_JaffaCakes118
Size
745KB
MD5
1b31c666c7c9856ef5c2645c5e5b1d8b
SHA1
2903fd32792e30997123f982c82c0d45011d1db6
SHA256
b9e5efa8490d0b286a0a0dcfc19f4fce758231142a8a4310140cd41c32c3ce39
SHA512
f79d241f527e2c12a12157b430b14d2d999bc96aec7bee0333c575cfbeceb6e07cfcfce9c8eb94ea6a29408f0b4f2af1d1f37783ea9ef84dc6d79fee2ba37fd2
SSDEEP
12288:ZOR40Ruyq1gvDfzDyus2xzjqb1EPFDvvIMFK8PRyoY8UiApEM4Ah7PTl2lBGc7S0:ZOa0oqfDyusYA94S2b5gC2Yr
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b31c666c7c9856ef5c2645c5e5b1d8b_JaffaCakes118
Files
1b31c666c7c9856ef5c2645c5e5b1d8b_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 468KB - Virtual size: 468KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 265KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE