Behavioral task
behavioral1
Sample
3abfd864e3c2651f13d9589740531233_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3abfd864e3c2651f13d9589740531233_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3abfd864e3c2651f13d9589740531233_JaffaCakes118
-
Size
341KB
-
MD5
3abfd864e3c2651f13d9589740531233
-
SHA1
cddc1441cbad1fa77dc85894d38479bba77b6304
-
SHA256
6241bf7db0c8bff5e84ae8933d0324e434e04561b2b7a6df098f907fdebaf78d
-
SHA512
afc591d4f7e149ce30e03d724b1ad8b1d7e8cc8114bed96c900770f65a57246b9a9db7df0470620dbe1c756afae2bc40b64be5e988699939883409906cb9527e
-
SSDEEP
6144:dFqbRP88i9GNZw59YXn93XOL+12X//1Jxl5Gw+9ya7FlOWspOlFEmskFSDCFoSk:dFEl8jcww4L+8v/hlcw+9ya7FcBcSmOy
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3abfd864e3c2651f13d9589740531233_JaffaCakes118
Files
-
3abfd864e3c2651f13d9589740531233_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 624KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 335KB - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE