Behavioral task
behavioral1
Sample
8cbb56b1f6f7078e919e1f9163d9b31f_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
8cbb56b1f6f7078e919e1f9163d9b31f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
8cbb56b1f6f7078e919e1f9163d9b31f_JaffaCakes118
-
Size
466KB
-
MD5
8cbb56b1f6f7078e919e1f9163d9b31f
-
SHA1
c3280b39fa8bb971293b7ce740f4720e4b594818
-
SHA256
eb2c8ec28919b4857013ac02268141d9d51d47d1c889ac72b5b33dc20b09e88f
-
SHA512
390cf2d24a23cde4577254dbd8ffbdf129c885ca9cc5cbaddaa5cab157a5c5f861040268dad5b2aedaf439b178199e16ddd46226e40c06e08ab7631ff41dfb87
-
SSDEEP
6144:sz1n+YgkEq5NVQKzHMiLDH9riSRLigC9C0Z0+eLJoZTEQEfC:sB9VEq5NvjFLgtgC9C0yRLJlK
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8cbb56b1f6f7078e919e1f9163d9b31f_JaffaCakes118
Files
-
8cbb56b1f6f7078e919e1f9163d9b31f_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 260KB - Virtual size: 260KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 193KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE