Behavioral task
behavioral1
Sample
5bcdf8f43fa8187a2edb459bcc57b072_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5bcdf8f43fa8187a2edb459bcc57b072_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5bcdf8f43fa8187a2edb459bcc57b072_JaffaCakes118
-
Size
34KB
-
MD5
5bcdf8f43fa8187a2edb459bcc57b072
-
SHA1
7f1d48d9540533131b63d5e76100c6cbe1bf96e3
-
SHA256
27942d29132b2e30a949896cee248b178aed9e59d3925e4af47d1313c5f208a5
-
SHA512
ac0ee90bfc1458c78c14625951b5fac81896598394ca16197354a93b1a79913c1934d861790b8d8532bc6871f5364e16e35d060f86b0b3945460684f8140d65e
-
SSDEEP
768:XSI0rxTmkyKaPVHaM46LyFZyo+wrw0NFvlpna1kT4z8AnbcuyD7UfISEFW:Cz4jKaPBaMfL+P+wsOFvgRz8Anouy8gm
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5bcdf8f43fa8187a2edb459bcc57b072_JaffaCakes118
Files
-
5bcdf8f43fa8187a2edb459bcc57b072_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 92KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE