Behavioral task
behavioral1
Sample
c95f93c10b5844d0bc6215816b92ad10_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
c95f93c10b5844d0bc6215816b92ad10_JaffaCakes118
-
Size
506KB
-
MD5
c95f93c10b5844d0bc6215816b92ad10
-
SHA1
8c6c821ba311b873aa1e351390eaad4b396724df
-
SHA256
af44af101317265651313ebc883ddf37c0c5461c0aaecd8a05add9885069552a
-
SHA512
2fe065e1308d853aff408efc7acfd133929a8535b067c1d4feb1045b83b391c906ede7dc1fecff0c41cdbb5859528ff844adce587bb9d65f2f8b167398f5d115
-
SSDEEP
6144:GaUhMk70XLC1t9N9/W76hVj+VD3hbcd5SVtY/nWMSqKMXGY/uqp:GqkeLCP9NyEma3l4fM
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c95f93c10b5844d0bc6215816b92ad10_JaffaCakes118
Files
-
c95f93c10b5844d0bc6215816b92ad10_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 292KB - Virtual size: 292KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 211KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE