Behavioral task: behavioral1
Sample: 881125a686bfba181ab3d81975658866_JaffaCakes118.exe
Resource: win7-20240705-en
General
Target: 881125a686bfba181ab3d81975658866_JaffaCakes118
Size: 409KB
MD5: 881125a686bfba181ab3d81975658866
SHA1: 665e43437801d42a357c5478df2632b83eef46d8
SHA256: a6ed1caf13a6f30efa36fa089aadf7ab5b95bf3ccb9b0057e84a2617e2babc1e
SHA512: a6568475c27d88208775786919ce487a3b246654bacf09b234926fb56466791319f67fd4151857c2f5b92197899c9ea951dbdd423ca134cc59748cf9c661e25f
SSDEEP: 12288:f8GT7cCBbiaV6RH4HmzSZ2uLvpFgya1nluJ:0GT7J6qGzSZzzpmyaBE
Malware Config
Signatures
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 881125a686bfba181ab3d81975658866_JaffaCakes118
Files
881125a686bfba181ab3d81975658866_JaffaCakes118.exe windows:4 windows x86 arch:x86
647b2d25b4821905b4195ff7a6455b54
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
Sections
UPX0 Size: 512B - Virtual size: 384KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 406KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE