Behavioral task
behavioral1
Sample
63baef9dd79f5fb9c058c8510f7bc453_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
63baef9dd79f5fb9c058c8510f7bc453_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
63baef9dd79f5fb9c058c8510f7bc453_JaffaCakes118
-
Size
483KB
-
MD5
63baef9dd79f5fb9c058c8510f7bc453
-
SHA1
36a182ed61badcf53ba9f79a710938abedcea09a
-
SHA256
d066b0c6ebcfea6ee042815ed5ff7fb37354894e88b79a18910192f6064f513f
-
SHA512
a0fa2e15c8592e1b3fbce037b10c3424ac770999a9b5a61c4575f57cfe38bda55bac166a6ee36600125ea00fecfe1db2ecf316c99d80139f71e94691ec248425
-
SSDEEP
12288:CXk1IX7HbiyqI6H1RB6iLlO7nahO7MfV34hwoS:2k1IXj2y96HJ9LloqO7MfV3
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 63baef9dd79f5fb9c058c8510f7bc453_JaffaCakes118
Files
-
63baef9dd79f5fb9c058c8510f7bc453_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 364KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 475KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE