Behavioral task
behavioral1
Sample
5a94c3c8f9150b3348f1d62484cd6dff_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5a94c3c8f9150b3348f1d62484cd6dff_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5a94c3c8f9150b3348f1d62484cd6dff_JaffaCakes118
-
Size
136KB
-
MD5
5a94c3c8f9150b3348f1d62484cd6dff
-
SHA1
429409d8d3ad71579e1104b24089e45ce94bc006
-
SHA256
c8a095fc0f2d6abcdffcd19635c04e030c1296f537b5dc6cab0c19fc2454056e
-
SHA512
4c22ba8a5d1c5bffc94336b864c90e42a5acb98b2fbfed6c17ad59c3ab1767afa51d639b12a1013189f6728b91142aafa08de28e219e34488a26c0a3b434335a
-
SSDEEP
3072:1n13ENPLaNrl5elTm4AqZDfaeuY3Q81GaeFZ0out:1n13ENQl5ec413KkGLZ0oS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a94c3c8f9150b3348f1d62484cd6dff_JaffaCakes118
Files
-
5a94c3c8f9150b3348f1d62484cd6dff_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 134KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE