Behavioral task
behavioral1
Sample
5933a435cc1e27e6c2de575596638964_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5933a435cc1e27e6c2de575596638964_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5933a435cc1e27e6c2de575596638964_JaffaCakes118
-
Size
104KB
-
MD5
5933a435cc1e27e6c2de575596638964
-
SHA1
b6b62cb96d3b8ce920bb9e4149fe5994abdc549c
-
SHA256
072ee689dea574280bc50fbe1dd64b3fcb6e59426444d8c2adc59ee7cba28846
-
SHA512
9ef14e927d8cd89c16decbafce3ecab123af6bc9bf6720e6230375be7d714ba49cd0a1ad59e9048852b2adb208939588e6a7ec85ab43e02c5767e416971a651d
-
SSDEEP
1536:JD/AwPx+riFFG1l/m3wEeQqjh+rmKVsWiVPsrhSBXUc/:JDBYnFE2jwqWsWMfXn
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 5933a435cc1e27e6c2de575596638964_JaffaCakes118
Files
-
5933a435cc1e27e6c2de575596638964_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ap0x Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE