Behavioral task
behavioral1
Sample
894dc4a50a74cda5b3734cc20e4b17d6_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
894dc4a50a74cda5b3734cc20e4b17d6_JaffaCakes118
-
Size
133KB
-
MD5
894dc4a50a74cda5b3734cc20e4b17d6
-
SHA1
62ef23c41bb1a682e38d8b50fc52bc88e6edd302
-
SHA256
9b30a06b7784d8db449b4a73c125053bcd6105b2c535551548b1817905dc046f
-
SHA512
6343e56e990c15b89e1bb5a57569bc9962eefc48ecd42ca3d1bdbfeffdc82838cf64ebfd64bc72d63088f183a68831d8e5049815a6b11d8d14cf728425122082
-
SSDEEP
3072:IzpWc7V/1rEraQlGjtAowi5FGb0fBSqtvvwcV0fVcuXw9+OCtJU0GQ:Itfh2aQwjtAyrG4f9tvvByqug9+OCti0
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 894dc4a50a74cda5b3734cc20e4b17d6_JaffaCakes118
Files
-
894dc4a50a74cda5b3734cc20e4b17d6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE