Behavioral task
behavioral1
Sample
ba5f11e3a29ebd17430a59c0e793ddd6_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
ba5f11e3a29ebd17430a59c0e793ddd6_JaffaCakes118
-
Size
130KB
-
MD5
ba5f11e3a29ebd17430a59c0e793ddd6
-
SHA1
8c1e021768f5ae27f805738e2e727abfcb85b546
-
SHA256
170856219a8a9f6f88585bbcce8cf9b675755eaec3795d875143c1185b286b0d
-
SHA512
7d765110a948ba42afce99f5a78d4940e859080241505982943abbd5fee6cd5130c26c453cf4efe71154f1d09ce33131612449cde0ef6832b142509aa29e5b5b
-
SSDEEP
3072:x8eY2Aol4eBEGr4N087YbhCOODfrWG/P4uXRDGgo29EgQkLqD4rKSWr:x8eTlDX4N087YbhC5TzP4uJo2rQkLqE6
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba5f11e3a29ebd17430a59c0e793ddd6_JaffaCakes118
Files
-
ba5f11e3a29ebd17430a59c0e793ddd6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 100KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE