Behavioral task
behavioral1
Sample
77524a64cde59970153a6193e7a1a88e_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
77524a64cde59970153a6193e7a1a88e_JaffaCakes118
-
Size
222KB
-
MD5
77524a64cde59970153a6193e7a1a88e
-
SHA1
a192e8b96972e0edbe0beb2e7702d1e3dbc64c15
-
SHA256
d6a04e5c5c7f35aca6c22784c0f0cf155c20120c8511715dca1309a8cf005084
-
SHA512
bc30a328df31c114ffc1ac223ddf91b756588bb43eff9e2353f0efadc94d415123ed8e16f205a448f963d696f5efd177933f56f606404fa25278228aec7ab64d
-
SSDEEP
3072:3yawUz207DriHm1W8L6YNTpQFlp/hcLSv4jPgAYPmXw0j3BN+BUosLaYT6PSLxfX:CVUzHAm1W8WY8ZkS0oOA0jYU12qDLq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 77524a64cde59970153a6193e7a1a88e_JaffaCakes118
Files
-
77524a64cde59970153a6193e7a1a88e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 217KB - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE