Behavioral task
behavioral1
Sample
2ab1b3b53eb5f6d3d6f54535f2e095cc_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2ab1b3b53eb5f6d3d6f54535f2e095cc_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2ab1b3b53eb5f6d3d6f54535f2e095cc_JaffaCakes118
-
Size
2.2MB
-
MD5
2ab1b3b53eb5f6d3d6f54535f2e095cc
-
SHA1
53ad697548a20ce27d1a890dcae62f7b3b4e36f7
-
SHA256
d91d9e6a1c99f12994feb3ec71e0c70511f404fe36bb8416730f1a9af9aad518
-
SHA512
f1930d1a010e042319945d4dbfa07733f6b54984fe761fe62bd9726a69f8413de66463efdc3990c581839fd2a4bc4c2edb40a57ce40b44dc2614615496f3082f
-
SSDEEP
49152:AQA6vMBX2e2KhWUKFVQU+XJ+fP4mkDrZfBk+xvqLq:FA/BX2e2KWHVQU+XJ+H4mkDrJu+xvqm
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2ab1b3b53eb5f6d3d6f54535f2e095cc_JaffaCakes118
Files
-
2ab1b3b53eb5f6d3d6f54535f2e095cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 4.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE