Behavioral task
behavioral1
Sample
d056de960a5afa79a8973a4a66e670d6_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
d056de960a5afa79a8973a4a66e670d6_JaffaCakes118
-
Size
430KB
-
MD5
d056de960a5afa79a8973a4a66e670d6
-
SHA1
3d3240733c5bdc77ca0da0362e74b4b26d730c72
-
SHA256
d614cba96c74e566acf910e718c30e662fc556a64e4f7cce91f1abe4f8738daa
-
SHA512
f26e560a256f0c2a68214c12b8c0455f2adec5025f86753b069061d563710bc5ff94e89b463684f982cdbc45139ebeaf484c6b23299f506a26b44144db0c2c61
-
SSDEEP
12288:turpcmTzm78B6qHO6ItVkUNiIxC6JQx3zZC4WKPAHPA2HOIs7uQBjpB:00qUNiIxtJQx3zZDWKP2lsKQf
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d056de960a5afa79a8973a4a66e670d6_JaffaCakes118
Files
-
d056de960a5afa79a8973a4a66e670d6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 228KB - Virtual size: 228KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 170KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE