Behavioral task
behavioral1
Sample
dcf40d19db999aaf8d18f2b190b6c6f0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dcf40d19db999aaf8d18f2b190b6c6f0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
dcf40d19db999aaf8d18f2b190b6c6f0_JaffaCakes118
-
Size
543KB
-
MD5
dcf40d19db999aaf8d18f2b190b6c6f0
-
SHA1
c11063b1ba8e92c93169934330ab5ec7624a354d
-
SHA256
f79798be5ddd8eb2605df875f556951f64b38ea1ea617ef813153b7e22284a30
-
SHA512
cd5fc4e1d5e9d843259f29d7a5060ff7c5199b8db47639efd9d5bc11e8d7a35612b6b0131c9b3d8f941eaf2b7274e25558921532d50ec6b9bc676028fab4df43
-
SSDEEP
6144:QnGzJRBQZ6t9GSsZVmUfxPk7SW77HclS820DoNJFVY9UeR8EHbDwTkd8surzQz8o:QnM6Z6t9wZY+qLFVd88Yes+no
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dcf40d19db999aaf8d18f2b190b6c6f0_JaffaCakes118
Files
-
dcf40d19db999aaf8d18f2b190b6c6f0_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 222KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE