Behavioral task
behavioral1
Sample
20de843c9c2c09798c24ca34b6659100_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
20de843c9c2c09798c24ca34b6659100_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
20de843c9c2c09798c24ca34b6659100_JaffaCakes118
-
Size
123KB
-
MD5
20de843c9c2c09798c24ca34b6659100
-
SHA1
f545c70c09a20eaa2f9461df97d52a3373f34747
-
SHA256
41744bf82116d037f4c057b274fa84b9ae3c906c85352fb4243f5decf466ac09
-
SHA512
122bc58f0003f130657a4082952b7037c4148a41b02b339b711c2133dcf8a5382f909447376fe57a5cb74dbfcef89667468d7c774376d8766a2c08c08c45f79c
-
SSDEEP
3072:/rHQIP3DU/blYuuIQFgfHRGy+n5bRqzen5Fg0/pwDw6EP:DHKquu/FmxGy+ntB5Fg/EP
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 20de843c9c2c09798c24ca34b6659100_JaffaCakes118
Files
-
20de843c9c2c09798c24ca34b6659100_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 36KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 137KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE