Behavioral task
behavioral1
Sample
273ae39e7e10a40aa1fb1f38caef167d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
273ae39e7e10a40aa1fb1f38caef167d_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
273ae39e7e10a40aa1fb1f38caef167d_JaffaCakes118
-
Size
31KB
-
MD5
273ae39e7e10a40aa1fb1f38caef167d
-
SHA1
290d8f10e7d9065dccb7b41c4c0678c665161e7a
-
SHA256
a1a1e7d238ccf05cc95937d3eca4921ce142ca8f1a7d9318e1da848eb18838b9
-
SHA512
89500b29146965dc1969f2f16c9ba61a6fb31be0fccc7b9460c006177be4d40d156c6ae576ee54abef5a24a2341688371692ce9268591c0c70da764ea099f9b6
-
SSDEEP
768:dDzS2Slqri8Tmqa2sF8S5l3vHXS55lfuMtC:xGDWsCil3/I5G
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 273ae39e7e10a40aa1fb1f38caef167d_JaffaCakes118
Files
-
273ae39e7e10a40aa1fb1f38caef167d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 480KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 30KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE