Behavioral task
behavioral1
Sample
4009b154107fb38de3f0e496b4370240_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
4009b154107fb38de3f0e496b4370240_JaffaCakes118
-
Size
114KB
-
MD5
4009b154107fb38de3f0e496b4370240
-
SHA1
44918f9f3ef6901cde5ca874cf326b529f10ad06
-
SHA256
01bf2ab8ebb7c1b50a7d6ceaae89b3d531b71747bc4a9b9b25e81c6b186599aa
-
SHA512
b0b32a528bde864ea2c2177b17ab0ba870e9409b29c442149ccc0db7063b501b5ad360420f1aecbe46839fdfb6bc1c0f93f2764a643ac4a803b82fc30011e74f
-
SSDEEP
3072:p4GFTHMRYw+mVUdCw68rH4Z2eU+j6GevTf405b3xmc:vumw+mV868rH4ZIvv5b3Mc
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4009b154107fb38de3f0e496b4370240_JaffaCakes118
Files
-
4009b154107fb38de3f0e496b4370240_JaffaCakes118.exe windows:4 windows x86 arch:x86
7a7803027531302026dedc7b5f6025f2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
Sections
UPX0 Size: - Virtual size: 472KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 109KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE