Behavioral task
behavioral1
Sample
4052e869d0ef5649ad0bb14c7cdffbcf_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
4052e869d0ef5649ad0bb14c7cdffbcf_JaffaCakes118
-
Size
88KB
-
MD5
4052e869d0ef5649ad0bb14c7cdffbcf
-
SHA1
2f2eef12131183bb414d8189450d89a9a83ca604
-
SHA256
fff826d7cf48b6cbef49c9eda8b7a33205c90be8d3254de4589f1a3acdd74a21
-
SHA512
61c3667bfa5c3cd981023372eb5fe29b479b25d7d53bb2c4b58c2cf16568759ec872cd34fbaa386dbe47ef55634913caa35f6cd360dff4d645e441b5c31cbd4d
-
SSDEEP
1536:UyrizN3klVZ69QPiPy7sw2Sx1vXvfAK6skKjFsrHAstd:U1N3kPZX9sS/XbDps7AEd
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4052e869d0ef5649ad0bb14c7cdffbcf_JaffaCakes118
Files
-
4052e869d0ef5649ad0bb14c7cdffbcf_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 20KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE