Behavioral task
behavioral1
Sample
3a0c26899007ba9312a8027a9687e141_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3a0c26899007ba9312a8027a9687e141_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3a0c26899007ba9312a8027a9687e141_JaffaCakes118
-
Size
15KB
-
MD5
3a0c26899007ba9312a8027a9687e141
-
SHA1
732d062686a7c82c22c570349629e9574b9185d3
-
SHA256
657142b4c3eae0d4fb765b7d06b9e44db2a38a5f8f56d2fc95901aee1edfc87b
-
SHA512
bf608043fbe2c1cb760dd9f3ae366e43a99e0765d975c63ce5809bc80bf2dc3082dd719d7e588e1f4e140d05f7a39ca3187e532298c4cc52333c0073fe4548fa
-
SSDEEP
192:WZCGqaTWOmL5d72t6Sjg2erLg4OBj8Fs51yh8Lp2mue+dUkyQqVUxd3Lodlww35k:jGqUWrHMFgBLg4Cjo0Ldutd1q2d7C5DA
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a0c26899007ba9312a8027a9687e141_JaffaCakes118
Files
-
3a0c26899007ba9312a8027a9687e141_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE