Behavioral task
behavioral1
Sample
032a5f6b7a2b62f8ac66f21d71c7b836_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
032a5f6b7a2b62f8ac66f21d71c7b836_JaffaCakes118
-
Size
28KB
-
MD5
032a5f6b7a2b62f8ac66f21d71c7b836
-
SHA1
44985439c44ed8c00fcdf3091b2f555f110aacdf
-
SHA256
0db1175dff2e817ffb633217d652c0e7aad36d8d9362431edddc300041661a02
-
SHA512
adf8306e0c42419b4e8ca3004bdcc0f50be2948cb9d42b76d5787811e3449abee3cdda58424f8f294cb75b7e5935f20569f443a8f85c0e74282e91b74a6d204c
-
SSDEEP
384:Gg7gADSE60DuyKdhTc8rpYJQaB03yF3mV:GhAQdlflYq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 032a5f6b7a2b62f8ac66f21d71c7b836_JaffaCakes118
Files
-
032a5f6b7a2b62f8ac66f21d71c7b836_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE