Behavioral task
behavioral1
Sample
261c8fadbeb51a4e4d70788778e19fcc_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
261c8fadbeb51a4e4d70788778e19fcc_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
261c8fadbeb51a4e4d70788778e19fcc_JaffaCakes118
-
Size
413KB
-
MD5
261c8fadbeb51a4e4d70788778e19fcc
-
SHA1
7d8f8a9a7b1e3cdb6a8e1ad83338d600b57230f2
-
SHA256
d8deba395f88adf48f1e7f30ec26cc5f4703156f3158b2ed649aae1fa91b6e2c
-
SHA512
6b4eb6e85363c5fe5e2972cee4669b7a2ffd109a2f5c40a2a935a45329babdfaa5e820854f100e9b59da0d2e83df694f30cd2c039c7a6418749a26eaa2ea5b73
-
SSDEEP
12288:Y4PxcO9jwulosQQ2cuRaGN7uunp/bGjmrhYkhR:PxZWs/eRaGH/b82YGR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 261c8fadbeb51a4e4d70788778e19fcc_JaffaCakes118
Files
-
261c8fadbeb51a4e4d70788778e19fcc_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 1.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 403KB - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE