Behavioral task
behavioral1
Sample
d0572f9a2b2114cb695572984f5dd972_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d0572f9a2b2114cb695572984f5dd972_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d0572f9a2b2114cb695572984f5dd972_JaffaCakes118
-
Size
5KB
-
MD5
d0572f9a2b2114cb695572984f5dd972
-
SHA1
5b3579998f2b15c0952eb1e56260198a4706e3af
-
SHA256
1835ece7fd2c6af1546961f1d25fe869d6ac13317f97ae3f02aff975fdfe4ea3
-
SHA512
4863df66d4a4ee8af8eea488cd1d63f31072650aa26e1e8813646b3e32a03f4fdce8f55ca7442fdfabbf0049869345fc4e4f0750c5cd129ac83eca6f3d174160
-
SSDEEP
96:86zs2pl4tLWOItS2ALcx8wdDzHtv/LEWAoL+KfAGJhXvTnLzeP+PpgV:3sWl4tiFAYx8SzHtv/LEWxqKfAghXbLY
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d0572f9a2b2114cb695572984f5dd972_JaffaCakes118
Files
-
d0572f9a2b2114cb695572984f5dd972_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE