Behavioral task
behavioral1
Sample
65e5a2a9326578c64f5cc119e6fe94ec_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
65e5a2a9326578c64f5cc119e6fe94ec_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
65e5a2a9326578c64f5cc119e6fe94ec_JaffaCakes118
-
Size
197KB
-
MD5
65e5a2a9326578c64f5cc119e6fe94ec
-
SHA1
b5eea6d732af08f63fe85bf6f188ad8357c984bf
-
SHA256
9eb885aa1868ed58cd39715a9b99dfb2d7dda0eb9488aee9c70ff57d8d8938b0
-
SHA512
c42b01ddc3dbf646f09297b87bac993d8c743c919dda3e57bebce62d2b73cfe32a9f09392168e1e21cf65b3252f001b8cac81263eb03db1f8bbc7e6931b6971b
-
SSDEEP
6144:FKY+dsdNAsWsk7PTN65gHWX3QXzs381nLa:FwANTWPfNag2HQ71La
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 65e5a2a9326578c64f5cc119e6fe94ec_JaffaCakes118
Files
-
65e5a2a9326578c64f5cc119e6fe94ec_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 100KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 162KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE