Behavioral task
behavioral1
Sample
2c089f98480a91c5773dd614f93dc9c9_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2c089f98480a91c5773dd614f93dc9c9_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2c089f98480a91c5773dd614f93dc9c9_JaffaCakes118
-
Size
865KB
-
MD5
2c089f98480a91c5773dd614f93dc9c9
-
SHA1
de4f6866c47a8c096f2823a9772e1ab0d8827bca
-
SHA256
12de16595e6f64d2994cab229a021daec70a667e216c1be718758a621718075f
-
SHA512
aaaa2e9cad5d39cee954b4566457517e1d7ac4a08bc0fe185539e143b656ac677c418dcf8e037f7656d6e3065d81acb0f15ed28d0f0250bcf62135f4f32a4d77
-
SSDEEP
24576:vgX0/OD7Ti5k7009BxvXy+eLyiv3SMnIYX+sJ:I2O3Tv4oPXy+myiviwXXz
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c089f98480a91c5773dd614f93dc9c9_JaffaCakes118
Files
-
2c089f98480a91c5773dd614f93dc9c9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.ASPack Size: - Virtual size: 344KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ASPack Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE