Behavioral task
behavioral1
Sample
6282ae88a9f05fc017c7a9abb2cf77c3_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6282ae88a9f05fc017c7a9abb2cf77c3_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
6282ae88a9f05fc017c7a9abb2cf77c3_JaffaCakes118
-
Size
780KB
-
MD5
6282ae88a9f05fc017c7a9abb2cf77c3
-
SHA1
2d60c9d661abdc6abebb84eebde7681a5f1a9fb9
-
SHA256
8201832074cc750c399398a6b1239cf851039afdb43ee7eb76e032106dea831a
-
SHA512
509b19d445418c15808915b3b156ec44062a14c219b2b7b91a9360335edf42dcb9ab3631fec65e4a2bca0b73d8405f9bf3d4d75c5d0d8244fa937d27a4932bec
-
SSDEEP
24576:yMuAICsixM0yOtx6z71SCucktB+ySIlsjmCNEI:yAxKE6FSCucsBzSFjmCNR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6282ae88a9f05fc017c7a9abb2cf77c3_JaffaCakes118
Files
-
6282ae88a9f05fc017c7a9abb2cf77c3_JaffaCakes118.exe .ps1 windows:4 windows x86 arch:x86 polyglot
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 624KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 772KB - Virtual size: 772KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE