Behavioral task
behavioral1
Sample
255d14d418953bd173dba80b8502d737_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
255d14d418953bd173dba80b8502d737_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
255d14d418953bd173dba80b8502d737_JaffaCakes118
-
Size
255KB
-
MD5
255d14d418953bd173dba80b8502d737
-
SHA1
dc8621e8e9312767d3387214a75b000452acadbe
-
SHA256
73ac4a11921f2f7c02c1778403f2cdc94b5362980f8e4250cdeb26d66a8b7a2c
-
SHA512
3b4d661420d9c377c2fad19f84165e3f30acf520dcaf8761ac7ca3d21dcdb228a66c9d6c92b97e242976d031464b184b15ca5f9ff1730ed2ced50c0faef87f1c
-
SSDEEP
6144:UhVWGScp5O34xGz7U4g9Ws42BQjmA4dLmeKgq6eJshA6j8BQU82V:UhE5lN7UrWsrTASLm2xK6oBQU1
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 255d14d418953bd173dba80b8502d737_JaffaCakes118
Files
-
255d14d418953bd173dba80b8502d737_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 5.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE