Behavioral task
behavioral1
Sample
db949d4b0928d59a17227ea2e9f9382f_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target
db949d4b0928d59a17227ea2e9f9382f_JaffaCakes118
Size
460KB
MD5
db949d4b0928d59a17227ea2e9f9382f
SHA1
96c71a0071e07a448ea994ea6ab5dee0aa43b31f
SHA256
8c34794398a6de13be4fbc62b2cfb5b51bfe8124e917e92f297e25cfd1eefb25
SHA512
20803c30f5c90888724392c810561bc742995d2f1fd500c8b8290a0e272d1a3b3d95df7e65f100f00b1cdaabec9cd5cf9f7eb10fc34e553b4ee99cac43b1164c
SSDEEP
6144:/Ewsj2WEVIL7rceUWS8BJ90qEL9IJA4vh4R3tuCoAIWgE1VnVfqu9cx31eb5f4vq:RsjaePZcLOwlsnAXpPTWzYoSko
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource db949d4b0928d59a17227ea2e9f9382f_JaffaCakes118
Files
db949d4b0928d59a17227ea2e9f9382f_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
Sections
UPX0 Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 365KB - Virtual size: 368KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE