Behavioral task
behavioral1
Sample
2bd859ca28d06d283168ee51f6860cb7_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
2bd859ca28d06d283168ee51f6860cb7_JaffaCakes118
-
Size
52KB
-
MD5
2bd859ca28d06d283168ee51f6860cb7
-
SHA1
9246a85a06084bb6a176f197e35bc5d77630f638
-
SHA256
c5741e2a4f5d2141fc2f2fccd775c501e3c19e460ec530ffccd8969ed21aac07
-
SHA512
f6caee574d1f9b8ae24f2b0e340d4ebf8badc382cb934e4b16149fffe263c8a21c086605c759e0819a802d472e8c36c6906d0e1b11998d086c2f078fcc19731c
-
SSDEEP
384:PvY2L8o3Sh/FUNd3pSGYK2KQZgPygH/ntyWiLWPkWX2XT7I85pQqvW0y:PvGo3Sh/FIpSGQafH/taopXWTd58
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bd859ca28d06d283168ee51f6860cb7_JaffaCakes118
Files
-
2bd859ca28d06d283168ee51f6860cb7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE