Behavioral task: behavioral1
Sample: ef0fb9dd68d9aa302d4ed624aa7fc315_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: ef0fb9dd68d9aa302d4ed624aa7fc315_JaffaCakes118
Size: 293KB
MD5: ef0fb9dd68d9aa302d4ed624aa7fc315
SHA1: 104229cd15cbf1b43bfe1b456a0fa2af8fbdc6f9
SHA256: 0dfd38d18a091f767795c4059ff7bb53c8f8f3892e9d372cb44b4c95575cb487
SHA512: d594d8ea702028123ff93471c1d09ba422d44c623f400eea7464a43dfca557a104db0a4e3343e15f942b24e3219ae8fad27afeda47798ac3a8f384bf518ace22
SSDEEP: 6144:dr8L/2LQuZouU1KLH7xRRYoxt60Pp3F5Mng1BeoS:drLkumWLHfPpzPBeoS
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef0fb9dd68d9aa302d4ed624aa7fc315_JaffaCakes118
Files
ef0fb9dd68d9aa302d4ed624aa7fc315_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 296KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 286KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MCTeam Size: 512B - Virtual size: 512B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE