Behavioral task
behavioral1
Sample
eb9eeb7b81e3e48597c145586d1bc764_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
eb9eeb7b81e3e48597c145586d1bc764_JaffaCakes118
-
Size
386KB
-
MD5
eb9eeb7b81e3e48597c145586d1bc764
-
SHA1
ee98e155f345342011a219134e55fdc6ca42abd5
-
SHA256
803f52ca963fc335c906370d31b5adb04f9d0201fc7378f4ec432de6820defa6
-
SHA512
48269117d56129e6aa2a8505e4e796d940525d1015f59b3f154a0aec31046f7cf4b1841d6931db74701025b860d5d41b990d73f70d8944e5fc3407056020e8f0
-
SSDEEP
12288:E9xZ5yN3Cwaw//ikDju436I26h+OoS9Otk:E9vsky/7NKDm+1k
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb9eeb7b81e3e48597c145586d1bc764_JaffaCakes118
Files
-
eb9eeb7b81e3e48597c145586d1bc764_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 952KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 313KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 66KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE