Behavioral task
behavioral1
Sample
2e3304da8d9a54d3a7fb228e19db8f72_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
2e3304da8d9a54d3a7fb228e19db8f72_JaffaCakes118
-
Size
230KB
-
MD5
2e3304da8d9a54d3a7fb228e19db8f72
-
SHA1
91ca6dc5965c5baae9683968d59ad668ff426787
-
SHA256
dbdbee96e293e811fd197aaaa978b11d4c4752e5adad83cd977c835f349d65ef
-
SHA512
65d785b294cb4e67e35d546da62db65a7f2e98650e681b31ee4ba0c3e7ad13a3c5fb437262d7607b10f720ba4186ba8e20e2bf1a74769764c27d6b423938a75c
-
SSDEEP
6144:V0eLNExQ3gmAG2j7580UJpvNH4TiXfBhkMgDVUqdgtcpgoS:VUQ4GA5sp+qBhi1HgoS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e3304da8d9a54d3a7fb228e19db8f72_JaffaCakes118
Files
-
2e3304da8d9a54d3a7fb228e19db8f72_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 492KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 225KB - Virtual size: 228KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE