Behavioral task
behavioral1
Sample
d48c0ff34b697fe2ef9a550fdc7dd9d3_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d48c0ff34b697fe2ef9a550fdc7dd9d3_JaffaCakes118
-
Size
200KB
-
MD5
d48c0ff34b697fe2ef9a550fdc7dd9d3
-
SHA1
69a2a4a35ee46ecfe0111d1552ec55adde5ad696
-
SHA256
75723daf603056cf51bca73d15f3c559a307a4512692a507894edbbb7c7c1807
-
SHA512
4107344655e852a387c4479947bd6b18bef6c9340724d9850158382de52bb3c26a3f748418bd12f96d61e134c064de461d27de310c4d7e1f9b654e0d11464dde
-
SSDEEP
3072:tWO7JviF/8k1yQ12QchOIRsFlEgkmFTcRreD9au5nly9UWxtERbw/evxKHlt+qL4:R4F/vYQoQ8JQlQmmleJp5lwASeQHl+
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d48c0ff34b697fe2ef9a550fdc7dd9d3_JaffaCakes118
Files
-
d48c0ff34b697fe2ef9a550fdc7dd9d3_JaffaCakes118.exe windows:4 windows x86 arch:x86
de39dc68941cc6307e3b2590c857a907
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
user32
wsprintfA
advapi32
RegCloseKey
ole32
OleRun
Sections
UPX0 Size: - Virtual size: 292KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 101KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 68KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE