Behavioral task
behavioral1
Sample
05ab11e99b6b2d21fca11b1cadf69a9a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
05ab11e99b6b2d21fca11b1cadf69a9a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
05ab11e99b6b2d21fca11b1cadf69a9a_JaffaCakes118
-
Size
154KB
-
MD5
05ab11e99b6b2d21fca11b1cadf69a9a
-
SHA1
7d55d8666b02f7642f651200a0d44a43ce725f14
-
SHA256
aea4e3a07c91cd95f7be175f7d7d32c75a510c40d7a89c4ce3bc6801f52c9431
-
SHA512
eec46153a240d4391ff1be554a015adf566cb2d75d4f3b5897cfce4ecda3ab793e6d816bd38f66d0c4e0d21c20dd924bd05f15bc004ba71de8083c936f550671
-
SSDEEP
3072:DzaqaHLfgAwhkU5mLA7o4og1k1oxohrwEl0G03rqPaEMhxFtSG7Q/c:D+qdkLLgivEK503rwaEYBx7j
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05ab11e99b6b2d21fca11b1cadf69a9a_JaffaCakes118
Files
-
05ab11e99b6b2d21fca11b1cadf69a9a_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 880KB - Virtual size: 880KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE