Behavioral task
behavioral1
Sample
545356ebde271a8795908c93ce0f3ee8_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
545356ebde271a8795908c93ce0f3ee8_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
545356ebde271a8795908c93ce0f3ee8_JaffaCakes118
-
Size
104KB
-
MD5
545356ebde271a8795908c93ce0f3ee8
-
SHA1
3e3d1461b0e95c5a969440ebc44a819df655b14f
-
SHA256
005b9f36404541d773281dc58bd9708930c3bdab8acefaaddd57c6ee8c907197
-
SHA512
e84fb3e06f9a229a5d9d885378032842d2d20f54a4ce9ddd76d8c2251ab8b9a5220d648735a3f167724b05b89fea797e796fe5d48ceb0576290bbf2dfde2b722
-
SSDEEP
1536:2D/AwPx+riFFG1l/m3wEeQqjh+rmKVsWiVPsrhSBXUc/:2DBYnFE2jwqWsWMfXn
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 545356ebde271a8795908c93ce0f3ee8_JaffaCakes118
Files
-
545356ebde271a8795908c93ce0f3ee8_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ap0x Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE