Behavioral task
behavioral1
Sample
482ac62ff4e8366bf66cfc2fdbf81e41_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
482ac62ff4e8366bf66cfc2fdbf81e41_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
482ac62ff4e8366bf66cfc2fdbf81e41_JaffaCakes118
-
Size
163KB
-
MD5
482ac62ff4e8366bf66cfc2fdbf81e41
-
SHA1
faf2fd5d59742097cb60b7c797affe2a4d89d2fe
-
SHA256
c43df4ff856268ccd03899f2fd4cfe9327c4452355b74cfbee16709255cdfc58
-
SHA512
e4b8aa62547a4cdd1ee75a8da0722b2d4d4836dae3fc45640417b4f513e99d9a94e00ac0590b1c91766cbe257eabfea14d0b1e5ea5888fb617db628feb785cab
-
SSDEEP
3072:Y2XpxJGTS1heaTKm8egvHQ87kgfMU7Yh0FuJW3mn03ONoVOIZTT:Y25GTxaTKm4Q8AgfMU7NFaWSkAoVxZTT
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 482ac62ff4e8366bf66cfc2fdbf81e41_JaffaCakes118
Files
-
482ac62ff4e8366bf66cfc2fdbf81e41_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 252KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 167KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE