Behavioral task
behavioral1
Sample
f53b790924fb8c36a858af059c9fd953_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
f53b790924fb8c36a858af059c9fd953_JaffaCakes118
-
Size
301KB
-
MD5
f53b790924fb8c36a858af059c9fd953
-
SHA1
ae913cb641498133fae4fe2764b2ee0028c89a75
-
SHA256
ac00dbcf8d27b70b5410b0f7da9f01e1755d7718fd72f7cb95e70af806bcc65a
-
SHA512
c9189f235ee5955d9d0eab8d8a0fa8b05f3ddd371749a73b8a0cce81ba70b67aa63ec0805bfc99fbe5fba425501c625398d81a2d69ce77a445b96ef744b31ba0
-
SSDEEP
6144:j0KS320ThBxLrUExRaGHSZIGWmRW5DxW5R4PYKHurIX/oBes/q0uT4KoS:jFStPxLrDafZIGyzWOHuoQBegq0OoS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f53b790924fb8c36a858af059c9fd953_JaffaCakes118
Files
-
f53b790924fb8c36a858af059c9fd953_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 2.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 294KB - Virtual size: 296KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE