Behavioral task
behavioral1
Sample
c15875a9c6d65e58d5964d1196c4a510_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
c15875a9c6d65e58d5964d1196c4a510_JaffaCakes118
-
Size
182KB
-
MD5
c15875a9c6d65e58d5964d1196c4a510
-
SHA1
1ac90a1a61f9f1cb943eedcb368b0316f7ce4470
-
SHA256
9845a5ca9dd648c63d257d786773848e44e42466ad004932475fcec8f7578f6b
-
SHA512
62f669b8ca0c4c792130ec5bcc35d6b842d674a511d88bb714bf1aa1abe0e943526534297f972049200af7fd41f89d1ab63d39f12c42d336fa39de99b8988cbb
-
SSDEEP
3072:umWOUcZ8KMs76fCRC9Zz5oAFEn4MgYTon4+Wsur/t3tGCRg:umWtL0CRDFEnpTon4Bl3Ea
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c15875a9c6d65e58d5964d1196c4a510_JaffaCakes118
Files
-
c15875a9c6d65e58d5964d1196c4a510_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 71KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE