General
-
Target
cf35a6fe59f3a4898a8d3c2f4f6659b2_JaffaCakes118
-
Size
4KB
-
MD5
cf35a6fe59f3a4898a8d3c2f4f6659b2
-
SHA1
ab9d567330cf49453d49b0602f5c52ea4690f774
-
SHA256
d3b3722bac7242d8c174a9a583351017a4f59a899181d42877ad14945e4b4714
-
SHA512
814273c8aa8e60f8160263491614c08a2b783b338ef9d244715cad764d14c4a8643c730750efdc03ecb3c94e82ea5b35f2721c8937d77968ef887140879ab14a
-
SSDEEP
48:SiFLw0PvLbunIekebZDde0MnANZizym/pdtYSeJY8JTaN1IddRoBge5WwGD+:N9wcvLbgkeJCemxdlsd+i+Ww8
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cf35a6fe59f3a4898a8d3c2f4f6659b2_JaffaCakes118
Files
-
cf35a6fe59f3a4898a8d3c2f4f6659b2_JaffaCakes118.sys windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE