Behavioral task
behavioral1
Sample
cf495cfc7d46faef97170ea9c43c5bb8_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
cf495cfc7d46faef97170ea9c43c5bb8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
cf495cfc7d46faef97170ea9c43c5bb8_JaffaCakes118
-
Size
2.8MB
-
MD5
cf495cfc7d46faef97170ea9c43c5bb8
-
SHA1
552d7d9c46f02bc0566287d9c0466d97adaa9cf8
-
SHA256
df6b3840e25eb34097faa5c01affdbfc1b4f7b53142d9f5816a8384eae07d971
-
SHA512
fa8de7df219ffbb995b4043e313e867a251bcb41fe19942325a54c18faba5bed8a7d10deae5aff02f223e5d2d510cfe69ef5b8a2cf3f4a022768743b2e2933cd
-
SSDEEP
49152:vN0qF0Fwf0+0qN/GttHwHwl0qH0F0Fwf0qNGxtP+wHwBwl0qO0Y0qC0mR2wFtTwf:10qF0Fwf0+0qN/G7wHwl0qH0F0Fwf0qf
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cf495cfc7d46faef97170ea9c43c5bb8_JaffaCakes118
Files
-
cf495cfc7d46faef97170ea9c43c5bb8_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE