Behavioral task
behavioral1
Sample
de7e8f3c6ad3e52bc7529e6b25af5746_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
de7e8f3c6ad3e52bc7529e6b25af5746_JaffaCakes118
-
Size
174KB
-
MD5
de7e8f3c6ad3e52bc7529e6b25af5746
-
SHA1
eae2b474898cd9c88e9d13b6a8c913369abef01f
-
SHA256
78042c6b4ec5489e48623c63e250a09a3014be78dcb87bf6b08ed9c5cf3e2e38
-
SHA512
c788400b0fb4dc1714491481a91962bafe6650868be0e6e1eb58f137fec71c804a3fd19361d6d5d7c1d4a613225c43d71ebdd85cd1df25de256308e18557f8e0
-
SSDEEP
3072:EjtkodpMluxmOVxElsg+u2PYm2fKSJO8X5CplXadEuKGrtHrjbe0mrt2v:EWow2m6UsgRhzJAlXhGZHwrw
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de7e8f3c6ad3e52bc7529e6b25af5746_JaffaCakes118
Files
-
de7e8f3c6ad3e52bc7529e6b25af5746_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE