Behavioral task
behavioral1
Sample
308d673d7eb584e30d90f619e6c3edc6_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
308d673d7eb584e30d90f619e6c3edc6_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
308d673d7eb584e30d90f619e6c3edc6_JaffaCakes118
-
Size
174KB
-
MD5
308d673d7eb584e30d90f619e6c3edc6
-
SHA1
26e1e850f0796e3d12fdd4f62000644be852429e
-
SHA256
14239a68829fbe18c13144c591d5511b0eb7daf766010e594d371bd58b7dea65
-
SHA512
31ee94b9bb0cda66137443028107c375f618e50ced31bfc4f3c1c11d7b2de07161509b72e521316baf9dca6e2aee80a3549678651974ba7012db447b8b0e35aa
-
SSDEEP
3072:+Gu5hPq/Kr+MAPdJDfFDenOmPRd91cogwyJKcWPpmdJFSUu2b7nIhg:o5hPwKr+MAPdJREOmr9H0j0AXY2vag
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 308d673d7eb584e30d90f619e6c3edc6_JaffaCakes118
Files
-
308d673d7eb584e30d90f619e6c3edc6_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 308KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 203KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE