Behavioral task
behavioral1
Sample
fbd9ab25f4c13adf391bfac950b6f03d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fbd9ab25f4c13adf391bfac950b6f03d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
fbd9ab25f4c13adf391bfac950b6f03d_JaffaCakes118
-
Size
391KB
-
MD5
fbd9ab25f4c13adf391bfac950b6f03d
-
SHA1
8d1d8c7cb7f9b35d6c047fb54bb723ce049447ae
-
SHA256
033d765a17e4a09db052982f84da5217109b6dbbac19d6b1669a3686bbf0e7b3
-
SHA512
d1ad5b40dffe660f93f0b178c8b8a323c71857c3927d64f3c053b382718dbdca5689565700be63cb37b85f91ac744f8f68d4615e26e77f0d9863e1efb3697ab3
-
SSDEEP
3072:ohrpI5bLOXRd2qrQrR+ATcxGOgIQB8oX9LjN8oDQS3HpcvPMGbXEUb/mTWQBhXvd:ozIJLOSbDOAHC3MOEU8ibnhPaaHOQO
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fbd9ab25f4c13adf391bfac950b6f03d_JaffaCakes118
Files
-
fbd9ab25f4c13adf391bfac950b6f03d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 228KB - Virtual size: 228KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 150KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE