Behavioral task
behavioral1
Sample
014838b5296833c264f72a7dc87df103_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
014838b5296833c264f72a7dc87df103_JaffaCakes118
-
Size
2.6MB
-
MD5
014838b5296833c264f72a7dc87df103
-
SHA1
ff35693b530a6da6579ec72f34bce0055e75a51a
-
SHA256
1316334c27caf0b13a2e4a840df4785476dab87d98bcb68029c9c421751efa04
-
SHA512
b9ed9204e8d2c838b6d8bfecde048fc8dc27359f3a79f5b5caabe063a3f03f254bc628ce717cf07a6cdc355bcc58e4dd047d4c7f06e22878cdb4b3794f35d094
-
SSDEEP
49152:A5H7XnEeFLFOPhdziKTP0XfXczcsl7Za2WwudXjrEuOp+6Way3:hnzTW2WTXT3
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 014838b5296833c264f72a7dc87df103_JaffaCakes118
Files
-
014838b5296833c264f72a7dc87df103_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 7.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 208KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE