Behavioral task
behavioral1
Sample
8e1a8ccf9a1248fdafdc94a0ad6b6213_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
8e1a8ccf9a1248fdafdc94a0ad6b6213_JaffaCakes118
-
Size
358KB
-
MD5
8e1a8ccf9a1248fdafdc94a0ad6b6213
-
SHA1
32db7d25952970e604129828be29f9f3146154c4
-
SHA256
d5f31c9a825b0bdc062e6936f300ba05637751ade9712c39dd26e2a197e77d4a
-
SHA512
3dbc37a62584bdb9f626eb90eb6f4c0139753793b7e56b522181fe9fbfcfa84811f69393e50583730d4d4f310418036167ecd184e0e0d9c495f1f152ff5d66f8
-
SSDEEP
6144:NdMDYQFwOXVnxyHdiJ0bGuwEr4lZ3J6VqHzn1t8fE5espDPusEQW95ZT:zQplYHg2bGQr4ltJ6QTPnjpDlEQW95ZT
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8e1a8ccf9a1248fdafdc94a0ad6b6213_JaffaCakes118
Files
-
8e1a8ccf9a1248fdafdc94a0ad6b6213_JaffaCakes118.exe windows:4 windows x86 arch:x86
647b2d25b4821905b4195ff7a6455b54
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
Sections
UPX0 Size: 512B - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 349KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE