Behavioral task
behavioral1
Sample
2476ab0d246561d35ffbc97ed64f7224_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2476ab0d246561d35ffbc97ed64f7224_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
2476ab0d246561d35ffbc97ed64f7224_JaffaCakes118
-
Size
461KB
-
MD5
2476ab0d246561d35ffbc97ed64f7224
-
SHA1
e7cd618f1915128bf7122ed73a50a7ae754373a2
-
SHA256
fda48ba0393146cd26541d5c12677a04547fe767ebcde28ab0e03b9f31af5572
-
SHA512
ae63ea92c2b575852202ef7e8a0249ba9a21fe123b071ad0551e664bb619b05bd2cc7b189ad1cfc32ae10693f77cd6d5c9ee65fd066905a184146ef990ac3fc7
-
SSDEEP
6144:65zwKblu6SrOm071TQEnUZPo/2Mhwj92dZeneDjih1fF3mGjcd6SQntSo2Nw8Z3Z:kwKstRY1cQU1o3h0SqUG8oOi8ZBGr3g
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2476ab0d246561d35ffbc97ed64f7224_JaffaCakes118
Files
-
2476ab0d246561d35ffbc97ed64f7224_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 377KB - Virtual size: 380KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE