Behavioral task
behavioral1
Sample
b9a208ff3b125c41007862d0c2081282_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b9a208ff3b125c41007862d0c2081282_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b9a208ff3b125c41007862d0c2081282_JaffaCakes118
-
Size
254KB
-
MD5
b9a208ff3b125c41007862d0c2081282
-
SHA1
22c4dd03d86452d7a9a44056fdc740a593636bf9
-
SHA256
56fe9a70e99826641dd92558d47594142328496bb8e14bec00a4c20ce9677d10
-
SHA512
2f2eb74217adf6d05ad2b6428c4fffddcc3861f42880405f7949529da52aed0c0412acfe28603c972e304b4623e2a85ffbaf99fb7fefcb12b004bd419bbeda05
-
SSDEEP
6144:N+0RDghUyFH92klAOG6jG/02cSzv9nJex+2LQKHK:N+0gG/0Sax+2L
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b9a208ff3b125c41007862d0c2081282_JaffaCakes118
Files
-
b9a208ff3b125c41007862d0c2081282_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 70KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE