Behavioral task
behavioral1
Sample
da34a6ed7120d06d3e80025d60a50d0e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
da34a6ed7120d06d3e80025d60a50d0e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
da34a6ed7120d06d3e80025d60a50d0e_JaffaCakes118
-
Size
185KB
-
MD5
da34a6ed7120d06d3e80025d60a50d0e
-
SHA1
f9b342f3c4b0ae4f3b13ed1d9c9e725c396edf83
-
SHA256
d3171f9925a6d4e61ad7e1555b8f32b5ea22b6dfcccfe9084af1270592bf7247
-
SHA512
98d0b0516a4618a30c3aa600989f594f8d3b335f40389a6ab8b62057d4692dd8991a6143bc85f9b15b3d85d27185e6dbaf2e492f1ed70b537892e26ef8a1ab16
-
SSDEEP
3072:7mFNe1Sj0zQKBFx5MHF3zFXgYz7ZSBkBGATkBq5PlSKyROWruv+dNQhc7uN5oZJs:kOSYzQKZuFzljQBQGAIY596R2+nHKN5J
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource da34a6ed7120d06d3e80025d60a50d0e_JaffaCakes118
Files
-
da34a6ed7120d06d3e80025d60a50d0e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 10.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 644KB - Virtual size: 644KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE