Behavioral task
behavioral1
Sample
dad3c609cf892989b2f75281d04ed6d8_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
dad3c609cf892989b2f75281d04ed6d8_JaffaCakes118
-
Size
79KB
-
MD5
dad3c609cf892989b2f75281d04ed6d8
-
SHA1
4a53b17bb13149b3bce25594a0b982f589d120d4
-
SHA256
77c717a76d905edd6ee00f6dfdf9a5cecab7d5700c768cfd902b2660e0415f19
-
SHA512
a858ea0db2927aa27b58f2ee2ac9f7f0956d2255b4aa0fa246c6652bfcffa969d04899a600eac1ba1097a74244500f5afe11c6a8f624ac2863fa29dbaa9782af
-
SSDEEP
1536:N8C0iWEpRMhmPfRSqxDyLOY4gO8J749PMkR5LipWF7X261Y6u10nouy8H8BeaLCZ:F0iW18pjx3T8tkvRhipWFP17outH8BHQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dad3c609cf892989b2f75281d04ed6d8_JaffaCakes118
Files
-
dad3c609cf892989b2f75281d04ed6d8_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 92KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 64KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE