Behavioral task
behavioral1
Sample
770bd1b88563b0d461f53f442c5039a7_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
770bd1b88563b0d461f53f442c5039a7_JaffaCakes118
-
Size
227KB
-
MD5
770bd1b88563b0d461f53f442c5039a7
-
SHA1
921cfb8b759519e320292b5abc26b8b81ebf18d1
-
SHA256
291af5e5c915ac8f0c7628eac4f831d1d25481ac1a1c1d44bd742273ee633d37
-
SHA512
e75baaccf963b3b55c1ed57f5e3ed695e449c5afe32485125edbc4acc3e12fe2efd7fb375f9ab5417c32fac13718514fe40aa1f30219b25ab504cac6348ca28c
-
SSDEEP
3072:Ubkvb4IXTLdvzdBL3pVyGSV8i/AR3+1safL4YQ0qMlydsNUmXYd:YkUIXTndpVyGUA9az3Q0j0SNU3
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 770bd1b88563b0d461f53f442c5039a7_JaffaCakes118
Files
-
770bd1b88563b0d461f53f442c5039a7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 108KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 42KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.7UPX1 Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE