Behavioral task
behavioral1
Sample
d6e9d3458d68584e078cbfd3bf52dbfd_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d6e9d3458d68584e078cbfd3bf52dbfd_JaffaCakes118
-
Size
204KB
-
MD5
d6e9d3458d68584e078cbfd3bf52dbfd
-
SHA1
602fbc65f214d917e0e1e0d34abb0450315167b6
-
SHA256
7737e3c46322437c8a63ccde57470e62d26834b9e1a664ad9ed343670624ae2e
-
SHA512
5488a7762c171126e0fb2092989c96072caec80d01d001f66dc90bd015eccdf0a7b733cb9757557716957a57a8d1f1e40eb5312848cff514ed1aaf56ab58e444
-
SSDEEP
3072:xUyyjokVIzcTbiO3w8jUxmBXuxseoWeKQLnKrAxhZS28UCiWq:xhkVIzcTbiEDXux2jy4S28UCiW
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6e9d3458d68584e078cbfd3bf52dbfd_JaffaCakes118
Files
-
d6e9d3458d68584e078cbfd3bf52dbfd_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 71KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE