Behavioral task
behavioral1
Sample
cfa6d96d9e83bbfe8648d588b25a70e3_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
cfa6d96d9e83bbfe8648d588b25a70e3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
cfa6d96d9e83bbfe8648d588b25a70e3_JaffaCakes118
-
Size
107KB
-
MD5
cfa6d96d9e83bbfe8648d588b25a70e3
-
SHA1
abcd63ee75aea6d96a893801635b906d50ba439d
-
SHA256
c93c1addbeabf73fa3b53ddd5204301c525c90855d6460b938de2c39e6773842
-
SHA512
3409fa8c199f4a1dc0d6d7cf55289372c0cebdbbf4b072e645b78653ba0c5db050ece68b15ce9af19e376ed5d388e4f71e926e60fa59ecfdceba643eef7c5c51
-
SSDEEP
1536:UETGNGqR0Mi8oCZ9BkQlXyJBGHpDZHghgqefLzJKuNjMT0ffpbHQXEtowpKlZVvN:bGcq+5GxZHghoru+fpkXkoIQZdN
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cfa6d96d9e83bbfe8648d588b25a70e3_JaffaCakes118
Files
-
cfa6d96d9e83bbfe8648d588b25a70e3_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 580KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 163KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE