Behavioral task
behavioral1
Sample
ab816cde6ff7fa92b3fc06d02f3e1422_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
ab816cde6ff7fa92b3fc06d02f3e1422_JaffaCakes118
-
Size
177KB
-
MD5
ab816cde6ff7fa92b3fc06d02f3e1422
-
SHA1
6146b71e5e0cb869d09388a40a43d40e44efef42
-
SHA256
f68d2d694bdd4f62631bc1fe833aac14d0fa050e6c968286e31b38d23e8f35b5
-
SHA512
4c1ff11c37583f8a5050738043519179a2304746928305f572b4d572c068995a20ae3b25867e34480488b6bb2f200d3fa429f716ecfeefc3c43f7f93c84ce386
-
SSDEEP
3072:WHV+lcsJu6lq+yTxkB3QOHVnwzMKLBLRe0GZ/n09yF:WglcsvyTOznwxBL3i/bF
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab816cde6ff7fa92b3fc06d02f3e1422_JaffaCakes118
Files
-
ab816cde6ff7fa92b3fc06d02f3e1422_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 324KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 175KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE