Behavioral task
behavioral1
Sample
941e71a18d8d5612567662f2a6c404bc_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
941e71a18d8d5612567662f2a6c404bc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
941e71a18d8d5612567662f2a6c404bc_JaffaCakes118
-
Size
139KB
-
MD5
941e71a18d8d5612567662f2a6c404bc
-
SHA1
d64a342c52de41dc8b1e02298f9d3c13b4443cae
-
SHA256
099de07badecf995e5f85920ffe3a091fce4b457e5744168bd4117016060eee8
-
SHA512
1076c5a8a9d2e589c18f3b6c7103e9bdf75fa048cc01b588304ae4ac9b743fbbb2f399e5f48da6c343945a861e5f5f1f6e887f179a4238db3ac25d7842f48583
-
SSDEEP
3072:VlniSfV8xIPEgsNWSKd3H8RMRlAViPy+zUdU3LLQM/Ss0xbYFl:Vl2GPEgsNWSIX8RMRcyy+2yv50xbI
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 941e71a18d8d5612567662f2a6c404bc_JaffaCakes118
Files
-
941e71a18d8d5612567662f2a6c404bc_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 352KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE