Behavioral task
behavioral1
Sample
63d82e48a4cc59dcb3ae3d677f0a6707_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
63d82e48a4cc59dcb3ae3d677f0a6707_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
63d82e48a4cc59dcb3ae3d677f0a6707_JaffaCakes118
-
Size
774KB
-
MD5
63d82e48a4cc59dcb3ae3d677f0a6707
-
SHA1
8b952bf22888c9a8755d0e9f6b2b6ad93aacadb8
-
SHA256
1d12011d038afc8f60336dd1c3944eaf2d22bf49a2b71a6fb277ee8f46ecb960
-
SHA512
24c4bf71b83dbec70af03f91aee68d7ec7366e0176c803d06f399495be288a25d41e63f26ee2156a995ce347921b4a3a7a7a4f4898f442e7afe7985375814d3e
-
SSDEEP
12288:F/3q21K8rBPqy5WHWrkJ7eja/iNkELlkMCJIiwf3dFR9QGZOY77:F5DOeja/Pp97wfjRVX
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 63d82e48a4cc59dcb3ae3d677f0a6707_JaffaCakes118
Files
-
63d82e48a4cc59dcb3ae3d677f0a6707_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 76KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 43KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.RUPX1 Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE