Behavioral task: behavioral1
Sample: deca296179616ce4ec68d41a1c7ed6ae_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: deca296179616ce4ec68d41a1c7ed6ae_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: deca296179616ce4ec68d41a1c7ed6ae_JaffaCakes118
Size: 14KB
MD5: deca296179616ce4ec68d41a1c7ed6ae
SHA1: f8cb3e9d8bfeb1f797cf8688cea636871f4c1b9c
SHA256: 2fff9fc481cc3769ff5db47065b2e7c23a53659f89257069e15878107f8234d9
SHA512: 5dc4f702bc9718ce73829f276cbbf1163a53399d3d0270549beabdeb0e633777b0fe8ed8ed1e94bcac5b9fd9087525b5f070d5e7e1b95a618f065dc1aafde88a
SSDEEP: 384:AfSG5oKPtJe5xF0IIp8cXA+hxGFq7QysKEHTemAPGHocP:At5TeDnA8cXAjfSmM67P
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource deca296179616ce4ec68d41a1c7ed6ae_JaffaCakes118
Files
deca296179616ce4ec68d41a1c7ed6ae_JaffaCakes118.exe windows:4 windows x86 arch:x86
9817b955894da4725b466526a007931d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: GetLastError
user32: MessageBoxA
advapi32: RegCreateKeyExA
gdi32: StretchBlt
ws2_32: ntohl
Sections
UPX0 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE