Behavioral task
behavioral1
Sample
dd13189a9a064b67337d17b75a35416f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dd13189a9a064b67337d17b75a35416f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
dd13189a9a064b67337d17b75a35416f_JaffaCakes118
-
Size
464KB
-
MD5
dd13189a9a064b67337d17b75a35416f
-
SHA1
077be8bcfc1c7b7b6e0003207d7a3326f80b3ed2
-
SHA256
5a942a608ba424c38f9a7266c94f8340d2b5d09130dda3cfa5ff858b2bbcc892
-
SHA512
7fa711f8e64d1f9a2ace60d6853de9bcd85a79e1b5014db1006ed67a27f45b74d293f36a97abd44e09c6132ce4c19e408a1551e4fe69f1b8d49bc7994adb37ad
-
SSDEEP
6144:HqmNUNjFdYgMufB3YHTzY1A7i9NHNcUhW+gSbT9lm/9CMDI8bhoMADF:HqzNjbYgdBG+EiCqgMT9lm1BPM
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dd13189a9a064b67337d17b75a35416f_JaffaCakes118
Files
-
dd13189a9a064b67337d17b75a35416f_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 260KB - Virtual size: 260KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 192KB - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE