Behavioral task
behavioral1
Sample
c220e43855f099d07bc0e98cf619b7c0_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
c220e43855f099d07bc0e98cf619b7c0_JaffaCakes118
-
Size
248KB
-
MD5
c220e43855f099d07bc0e98cf619b7c0
-
SHA1
e0ebdb3eb27b4720702bed44b436a39b3c41d8bc
-
SHA256
f9afa602ca290f2185d03049c33a7cd742aeb8f3fc9aef8d6048a5e8de7b04bf
-
SHA512
651b23ecca4a1f15dcdeab25b18bb980492798a5f1d578dd93a2e68a3b00098a1bf1c1cd0448f1aef0df219da05c5910b197f0e4242b6e7f5d77f472b45ac9af
-
SSDEEP
6144:kkevXyXxFeaWHSeXG4ln4X+WQ9IP8QG1hK34WC5siu2xJoSREM:qviXHfOLX/ngQ9I9GjKIWC5sixToSREM
Malware Config
Signatures
-
resource yara_rule sample upx
Files
-
c220e43855f099d07bc0e98cf619b7c0_JaffaCakes118.exe windows:5 windows x86 arch:x86
Code Sign
4e:77:f8:25:37:f4:14:1e:6a:87:6e:db:2b:b4:a6:e5:29:0e:d0:f2Signer
Actual PE Digest4e:77:f8:25:37:f4:14:1e:6a:87:6e:db:2b:b4:a6:e5:29:0e:d0:f2Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 240KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 241KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE