Behavioral task
behavioral1
Sample
2f5269fc89425151857b5dfde1e9bc3b_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
2f5269fc89425151857b5dfde1e9bc3b_JaffaCakes118
-
Size
6.0MB
-
MD5
2f5269fc89425151857b5dfde1e9bc3b
-
SHA1
c95ef6f6862a0b3c9add9bc7a4a47f685268e415
-
SHA256
228812dc8358bf5773655f14ffe58cf1441b4617d887d9c61c9cfe0ee1e1a2aa
-
SHA512
53b0a8acd1f02b155f9ec877b4567482fb1467518e675353f5c58c37dd66036fb4820f00388dd5a6d58f52366b5d4586b9d893407f55d71b3a5cfa7f71fc8eec
-
SSDEEP
98304:iZDB3Zeb/cakKaC2TZt8NlPcak1OiFFW6LAcakKaC2TZt8NlPcakR16UlU+UuB/k:UZeb/dBaC2TZt8NlPdfiuqAdBaC2TZtg
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f5269fc89425151857b5dfde1e9bc3b_JaffaCakes118
Files
-
2f5269fc89425151857b5dfde1e9bc3b_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE