Behavioral task
behavioral1
Sample
06867d3353049109fb3a5d77f1024e64_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
06867d3353049109fb3a5d77f1024e64_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
06867d3353049109fb3a5d77f1024e64_JaffaCakes118
-
Size
137KB
-
MD5
06867d3353049109fb3a5d77f1024e64
-
SHA1
bb6be9420290aa8254df0f753494356932fbe5a1
-
SHA256
73401984a66008ba4bffa015693fdd6535075e6769a43d564061acc02d55df07
-
SHA512
43d0fdc5b5b69b722533699455f5c1fb2013abecb2cf902532a2b751379109f4bcfe7f3203c9064b0942b646399bdd05625b1c642961348b33e35032c6ec9137
-
SSDEEP
1536:u/nrqyjrPvRu/BCjnqy8B/lCew3h0Yb9hzuMYaHqW5g1HklJNprKR9lpJtHL53WG:Ye8jMCjM/keGyMYaKW6WXrORRJtrlq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 06867d3353049109fb3a5d77f1024e64_JaffaCakes118
Files
-
06867d3353049109fb3a5d77f1024e64_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 212KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 125KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE