Behavioral task
behavioral1
Sample
23aa70f9731ba2133174166649bcc6ea_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
23aa70f9731ba2133174166649bcc6ea_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
23aa70f9731ba2133174166649bcc6ea_JaffaCakes118
-
Size
649KB
-
MD5
23aa70f9731ba2133174166649bcc6ea
-
SHA1
5975efd1e52602e0523ef4b0852471501d5da2df
-
SHA256
beeecf7e90b27bfc5884272986224e2a1f07744da6139d86e61a8740a6f11e38
-
SHA512
8a64346ed68bf208dcbcd9d517ff75652e8d43480ae89610ecda35f8a1d7077070aff1d78987e9dccce86855540ec114e9372e932e1575d4c610380023aff56f
-
SSDEEP
12288:G+OQ62MoY26krH8A6KQlIpTjxycjCfqJLtRZ0gLnP3DnsFAuYo3ZcBZ:OQzA29cAm+9ycLJ5H0unP3Dn5KZcBZ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 23aa70f9731ba2133174166649bcc6ea_JaffaCakes118
Files
-
23aa70f9731ba2133174166649bcc6ea_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 1.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 484KB - Virtual size: 488KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE