Behavioral task
behavioral1
Sample
4d994c76514662b977bfff72dae2476f_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4d994c76514662b977bfff72dae2476f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
4d994c76514662b977bfff72dae2476f_JaffaCakes118
-
Size
210KB
-
MD5
4d994c76514662b977bfff72dae2476f
-
SHA1
6866e45489747d9dc865abd5be28d136e9e9637e
-
SHA256
30bd413089c40c3ca7f43181eb0d2266b0139fd9743377a99eb30f76921bdb96
-
SHA512
bc21be11d16648829624234afcfffb819daadf1c427c654b68983b3d66b8029a74edcf3e96898d3b7ebe7a5e8401bb0dc697c364599c199c8e82a20e08a97cf1
-
SSDEEP
3072:oEee7I1MDjntC4o5dGLYbq9HKjBEwpqo65zlMsnRN6kbbyrr:j1/tC42d8R9Heew0lH6kC
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4d994c76514662b977bfff72dae2476f_JaffaCakes118
Files
-
4d994c76514662b977bfff72dae2476f_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 60KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE