Behavioral task
behavioral1
Sample
4296c7d5875d8b3202981bdb3855b337_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
4296c7d5875d8b3202981bdb3855b337_JaffaCakes118
-
Size
123KB
-
MD5
4296c7d5875d8b3202981bdb3855b337
-
SHA1
76a702b68047c874d781df0726e04fb934dcad35
-
SHA256
72f359319121adc9d3b84d892a10522927f4a886d326295a6965b60f159e79ca
-
SHA512
9e9d88ff6a8a40ed89b4637344e6f5d22624af697d1b89ea707fb60b4e8d4c2acca46eebebce071a34c0c97a32707b83b9c34ce3ad39d3eb5c0c953af31a8538
-
SSDEEP
3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLL//QS4:OVYrJrOSsRwcppm
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4296c7d5875d8b3202981bdb3855b337_JaffaCakes118
Files
-
4296c7d5875d8b3202981bdb3855b337_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 107KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
42vab535 Size: 62B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
oqvrztrg Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ