Behavioral task
behavioral1
Sample
0b663a370a28c0e9ddf4bc5209376eb9_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
0b663a370a28c0e9ddf4bc5209376eb9_JaffaCakes118
-
Size
57KB
-
MD5
0b663a370a28c0e9ddf4bc5209376eb9
-
SHA1
70b5d5ec1a961463da4beab2d4742b10e0b5b85d
-
SHA256
6920e0eb712ec2f7dc40389271c0d02441642a1c19e63fdccb391f799ae5b121
-
SHA512
285e94288430f37e9e183f0d519971e7e6a2d1fe08ee4c9da3df2c08920fb788a535c30c821b220fe2a2ead7c9159bbef08a3b550af534efbe43d8db9f5c1e69
-
SSDEEP
1536:M/WuJcHwe9McDMuC5jHPFAYEu5MSPTJtL4h4gPIHwInouy8:M+u+HwgMP5jHPVwSPTJtHifgout
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b663a370a28c0e9ddf4bc5209376eb9_JaffaCakes118
Files
-
0b663a370a28c0e9ddf4bc5209376eb9_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 84KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE