Behavioral task
behavioral1
Sample
4336fb177329b85570eaa58359fb49c9_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4336fb177329b85570eaa58359fb49c9_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
4336fb177329b85570eaa58359fb49c9_JaffaCakes118
-
Size
260KB
-
MD5
4336fb177329b85570eaa58359fb49c9
-
SHA1
87248831e0053e96e3986689edfa988647ab9e1f
-
SHA256
def7738734e085c283660c3c09563b1b90dd1eaf4c1e1d2a5d01a8f17391b8f3
-
SHA512
feefc86aa85a52c849d30787d71779f4f8e0638a2f417a64c63ef8068f4683011ab9d2ab452e58233ebb096e3ce681d316cb9399dc09064000966c937330936b
-
SSDEEP
6144:BW+wHd+6OLo4xXIk8Pjzj9NP343mGA+2H:dw8bs4x4n7rPIHA+2H
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4336fb177329b85570eaa58359fb49c9_JaffaCakes118
Files
-
4336fb177329b85570eaa58359fb49c9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 258KB - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE