Behavioral task: behavioral1
Sample: 373212a60a8702b87c205cf0179d423d_JaffaCakes118.exe
Resource: win7-20240729-en
General
Target: 373212a60a8702b87c205cf0179d423d_JaffaCakes118
Size: 782KB
MD5: 373212a60a8702b87c205cf0179d423d
SHA1: 47bc8210c282aa1faba6e423154504d8e28a48e6
SHA256: 32c32ba223885385007dea2bb1904096b4dbf7dd6de2d4d816e3d600bb960cbe
SHA512: cba825c1739ed9fceb2a3dd983e159549cfa10ed4f67c183d5eb6d36b403d032b005fdf3ebc897db33e12e049f2941fc84072c4de7ac0dbaeca33ea8cae0a1cd
SSDEEP: 12288:YOlx4kk9HKda4YfM/1T3PPSnPI2VAWNDTJHq9DIMTW8c1h:YA4Ya1fQzPPSnPFqWtTJK9DIMTW8A
Malware Config
Signatures
Urelas family
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource 373212a60a8702b87c205cf0179d423d_JaffaCakes118
Files
373212a60a8702b87c205cf0179d423d_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
IOKGDTTY Size: 464KB - Virtual size: 488KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IOKGDTTY Size: 310KB - Virtual size: 312KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE