Behavioral task
behavioral1
Sample
32a33f4f26cbeeae1e23b6daeb10432b_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
32a33f4f26cbeeae1e23b6daeb10432b_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
32a33f4f26cbeeae1e23b6daeb10432b_JaffaCakes118
-
Size
7KB
-
MD5
32a33f4f26cbeeae1e23b6daeb10432b
-
SHA1
162134e7e943e1c48bba62185eaa6855e6e1d321
-
SHA256
cdf88df17f286813b3a9ca75bda8c23d679136e315787e5c917adf3fdae4d615
-
SHA512
f4de03d39a2ff0fd9254eb03b01b1fba3fa6aed4c737659752598fc015f2dd6b13cab9920eaf6155e43914d7f3aedd59a5a4d7ed00df0ecb5af6ef4481cc1fcc
-
SSDEEP
192://FdmYlxwqAbnPwkPed+A5YbbdJMmvXSpnS00000000000000000000j0A0q00YZ:/PDvRAbnohd+EY9JMmvXSFS00000000A
Malware Config
Signatures
-
YARA rule match — resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: 32a33f4f26cbeeae1e23b6daeb10432b_JaffaCakes118
Files
-
32a33f4f26cbeeae1e23b6daeb10432b_JaffaCakes118.exe windows:1 windows x86 arch:x86
410a1cf5e716ffcc50f66067129699ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
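Imports (static import table of the packed file as stored on disk; because the sample matches the upx rule, the APIs it uses after unpacking are probably not all listed here)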
advapi32
AdjustTokenGroups
kernel32
CreateThread
user32
BlockInput
gdi32
Chord
ws2_32
htonl
Sections
UPX0 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE