Behavioral task
behavioral1
Sample
b63676fb458c1f7fd12c19abcf39662c_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
b63676fb458c1f7fd12c19abcf39662c_JaffaCakes118
-
Size
292KB
-
MD5
b63676fb458c1f7fd12c19abcf39662c
-
SHA1
7e87c04735fa7f6ef1627f46f6f3a830eccef4d9
-
SHA256
fdae29a29a2980b414e1b09e2af072242734736065cfa3a62e96a95228c69909
-
SHA512
35cbd7659958c196a3f795c51e5faa786dd42e66091abdf9f157dc45259bc489b4e1803275e7cbde8c45b3709841e276dff7c12ab4cbd68e5cd478f20e2b04b9
-
SSDEEP
6144:P3MsXtKDZyl6LU6b8+adfQMMMMMMuMMMMMMRMMMMMMkcHToSfr:P3ZtK+WU6FQoMMMMMMuMMMMMMRMMMMMq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b63676fb458c1f7fd12c19abcf39662c_JaffaCakes118
Files
-
b63676fb458c1f7fd12c19abcf39662c_JaffaCakes118.exe windows:8 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 155KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE