Behavioral task
behavioral1
Sample
d70f76b6008f386768aab7029a3e65c4_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d70f76b6008f386768aab7029a3e65c4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d70f76b6008f386768aab7029a3e65c4_JaffaCakes118
-
Size
681KB
-
MD5
d70f76b6008f386768aab7029a3e65c4
-
SHA1
9e8eb9b3aacdecc83f6958a7fe34954625976e39
-
SHA256
0d0a42fcf2d1259445fdc41785e62b4d52513defb4536dfc0decc15343f9f859
-
SHA512
c647c0b2e079bf87ab2d5c588a33c8ffa99d8128e768ee4a6d553fc308a94b7b1bb228833157b26c1560cbe66231872a296b05db2740daca5cb9883c4dd5abb3
-
SSDEEP
6144:GWZfec9EbXDk6RkQKDrG1VVE+Ih/UOPSe570Szp3b/UOPSe570Szp3b/UOPSe57B:3ZWtI6RkZupOB0vOB0vOB00OuDGe
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d70f76b6008f386768aab7029a3e65c4_JaffaCakes118
Files
-
d70f76b6008f386768aab7029a3e65c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE