Behavioral task
behavioral1
Sample
52abe34c93045c05c8247d74905864c9_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
52abe34c93045c05c8247d74905864c9_JaffaCakes118
-
Size
61KB
-
MD5
52abe34c93045c05c8247d74905864c9
-
SHA1
673bf2f6b3fed8a3d0d92996ff9b6448f834ae56
-
SHA256
021e36820fb2c2f7d8ac487f71a07bcfd4c8384487c7631ad3257092362e9241
-
SHA512
90567dfee88099b8a8f02aee2bcef0fc8cee9df592e44338da57a6d00b2246718befea55f2b12f281fddc603c597a7b4b38e2f73488268ac77eb2c9bcd69fde0
-
SSDEEP
1536:vppZ1B55Nff+4HtTqmtOhm85COvziLp7CAnouy8jEY5qnX/:vppZZfdAYOhm85COvza+ooutjLInX/
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 52abe34c93045c05c8247d74905864c9_JaffaCakes118
Files
-
52abe34c93045c05c8247d74905864c9_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE