Behavioral task
behavioral1
Sample
36ffbac03211b9f3557c1b800b272617_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
36ffbac03211b9f3557c1b800b272617_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
36ffbac03211b9f3557c1b800b272617_JaffaCakes118
-
Size
138KB
-
MD5
36ffbac03211b9f3557c1b800b272617
-
SHA1
8838b74d94d13906bb51f32473b13431b7a5543d
-
SHA256
dc1fe099307c6ced7c13f75da78cf26c27ed80d77f3ec19903b246a12cc4bcb7
-
SHA512
f68ca50b7a7440298104057ba4f70e016e05120d60fc00250a60cf12238fe277b9e0dbec8284e6e77770af0ba6bf91147633c4f823ef950888f6855a7da12ee9
-
SSDEEP
3072:3JxU5x/mTQ5GNl6tmtptz9uvLAMliivnGlPpN3qeJqCu:3oSlmGpnWAM8EnGlPptn
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36ffbac03211b9f3557c1b800b272617_JaffaCakes118
Files
-
36ffbac03211b9f3557c1b800b272617_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 132KB - Virtual size: 496KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE