Behavioral task
behavioral1
Sample
a852bb5a31733fd56b8a08317b0d8caf_JaffaCakes118.exe
Resource
win7-20240729-en
General
-
Target
a852bb5a31733fd56b8a08317b0d8caf_JaffaCakes118
-
Size
125KB
-
MD5
a852bb5a31733fd56b8a08317b0d8caf
-
SHA1
20d01d57b5fa54fe5c63f6a052c81bc6b6ebc279
-
SHA256
f3f34c8203b21c9a886137997caef044da9434460d58206670691c053657cba7
-
SHA512
cbf2e113c88047164fcec3dec92f5c6b9989466f0eea9dd63dee959eea5a93799457eda1068b4c685a1eeea8aa00d3556fda9b3c8a835e85310cfc0428a2a401
-
SSDEEP
768:+uOzzKHXSSNLHVhFeSW0nCePIsHcQwASmYVffcH8Dy8ZmKoGydFWbHuvj:6aHX3jVhoSke78HfmAnccO8cFkbOvj
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a852bb5a31733fd56b8a08317b0d8caf_JaffaCakes118
Files
-
a852bb5a31733fd56b8a08317b0d8caf_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 112KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX3 Size: 114KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE