Behavioral task
behavioral1
Sample
2bd3c7a4415c3453b354254c1958ae52_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2bd3c7a4415c3453b354254c1958ae52_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2bd3c7a4415c3453b354254c1958ae52_JaffaCakes118
-
Size
298KB
-
MD5
2bd3c7a4415c3453b354254c1958ae52
-
SHA1
9490056291766f8fcf6541764d435d39b2b1c724
-
SHA256
6bcac08f1a88cc17cffaa09bf2d8e48234c0dcf835a40bdd551ee505ca654af6
-
SHA512
625d08c0409b74c62a65d3606a087172287594a2648f8ce6f99609218ee21b74755451167997c31bc0cc243744acb3d483e4b86738e6d5497d144e47ccab18c2
-
SSDEEP
6144:MqwIS2g2RaYQJgqR6j/Lr0xdorVxBMBI17qgC4te/biqwq8y31p7e48xu:nS8cYQGRydKbqIVkbiqL3FZss
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bd3c7a4415c3453b354254c1958ae52_JaffaCakes118
Files
-
2bd3c7a4415c3453b354254c1958ae52_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 584KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 283KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dspack Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE