Behavioral task
behavioral1
Sample
fd505383fe41194209ff8d2301f7d410_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fd505383fe41194209ff8d2301f7d410_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
fd505383fe41194209ff8d2301f7d410_JaffaCakes118
-
Size
8KB
-
MD5
fd505383fe41194209ff8d2301f7d410
-
SHA1
ca6d141f6f5b94e5abd338177b05363b0b5bd906
-
SHA256
928317a4892281c59fcee3cb051fe88a94bab0df3e76124c3663ef861acb4e5b
-
SHA512
aa0c56984dfa47684ff5f79529054fd7a7345e84879ed5ca6c16d9357f85ac4657a74952de3246ce7394a99079ccb5c082212854bcb3ce5fb39d6ba715583e23
-
SSDEEP
192:nPLIEi1Mpj5Zbwi9ZY5gPjzIIqjIWJcA9Cgh8aVH1tK:Ntpjp9ZY+P7q0WJcA9FDVVc
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd505383fe41194209ff8d2301f7d410_JaffaCakes118
Files
-
fd505383fe41194209ff8d2301f7d410_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 304KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 426KB - Virtual size: 428KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE