Behavioral task
behavioral1
Sample
870088c650dddbae1d3a20e5882d5988_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
870088c650dddbae1d3a20e5882d5988_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
870088c650dddbae1d3a20e5882d5988_JaffaCakes118
-
Size
543KB
-
MD5
870088c650dddbae1d3a20e5882d5988
-
SHA1
ceb6ae03fd5ae008579b1ef8e1697adcfe8d9e00
-
SHA256
9f3657e18d7402920a5d29ae9f92c4ded490e0e26618712a0c9a69cea6446e86
-
SHA512
58ff78e8b03dd56fd26b3c5810f3974a38b95d9d1a09d159236bf2e1ef4dc0309260015e48b849a90f3f4d8aeeedc1dd757f78030351f1725dab9dafd84318f3
-
SSDEEP
6144:2nGzJRBQZ6t9GSsZVmUfxPk7SW77HclS820DoNJFVY9UeR8EHbDwzcf3WwI:2nM6Z6t9wZY+qLFVd88YeeVI
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 870088c650dddbae1d3a20e5882d5988_JaffaCakes118
Files
-
870088c650dddbae1d3a20e5882d5988_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 222KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE