Behavioral task
behavioral1
Sample
5a3ae7c3c70dfe4136c7854a9a6e770b_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
5a3ae7c3c70dfe4136c7854a9a6e770b_JaffaCakes118
-
Size
784KB
-
MD5
5a3ae7c3c70dfe4136c7854a9a6e770b
-
SHA1
d9737426aa82a300b8cb110af13d1c71e86ff115
-
SHA256
286957c52cd16a79635251399eef2a45b0e4f93e7d97de690eee44dc26c7d490
-
SHA512
8342ce794769e8ea1eef6f9b79c162542ccbd4c91dfac60bd4c63d8b4cdbf7ded235d91d2d60d1d1542601a167753e4236b84a3bf79989c1356b976a53e83fd1
-
SSDEEP
24576:TUvuMkhsvNDo5yaESkR2BooJcXdrff2PT01lUvM:TU2/D51EVIB8pf+PT+
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a3ae7c3c70dfe4136c7854a9a6e770b_JaffaCakes118
Files
-
5a3ae7c3c70dfe4136c7854a9a6e770b_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE