Behavioral task
behavioral1
Sample
bf080661cbd2bb8552d6fa236dfdaa1a_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bf080661cbd2bb8552d6fa236dfdaa1a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
bf080661cbd2bb8552d6fa236dfdaa1a_JaffaCakes118
-
Size
543KB
-
MD5
bf080661cbd2bb8552d6fa236dfdaa1a
-
SHA1
fec0b03ce95e8fb6982cafff85663b795b0487d2
-
SHA256
d08b977f6a4e54c621dba8c02769035f7ecbc5dc04297f57c60d7c823a56b407
-
SHA512
707d312f48e1c4018fcccdd8c5506cb96dbd7f18544bfc5df59c1406658bc538c0df2086422fb9794e33194eefe0bc39bea3354c35cb4d0246d7cb3a18f895fb
-
SSDEEP
12288:Q7QGFbRTQwtcKT1/MqvCr5w4pJNtmHeU3BeICBEuSI:StcKT1/+r/m+UxeAM
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf080661cbd2bb8552d6fa236dfdaa1a_JaffaCakes118
Files
-
bf080661cbd2bb8552d6fa236dfdaa1a_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 312KB - Virtual size: 312KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 218KB - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE