Behavioral task
behavioral1
Sample
5298a19317afb1e35b75da89e49ef2b0_JaffaCakes118.exe
Resource
win7-20241010-en
General
-
Target
5298a19317afb1e35b75da89e49ef2b0_JaffaCakes118
-
Size
199KB
-
MD5
5298a19317afb1e35b75da89e49ef2b0
-
SHA1
3e72c7de495e79fb5d74b87debf39663b75d3acb
-
SHA256
56538e4ab20a3d41d3e2eef4de296ab44fad5bc8fda9274dd6ce4343e7806d76
-
SHA512
bde97be4d10d10ec6ca353c1b3d5bf2e1fadde97ed11677e89cb0fd6a848dcf1b29a9ad16d58a58fc16b63bbfba1ecde769179a2530fe7a52129ac9612136923
-
SSDEEP
3072:G92R+j8gOSA+pjj4cPLC9g2NcbuyH0zDkqZBvKWYTquXjpQp3V072uzEwS2x7J8v:k2rgjpj5H0VFYTqKIGvzEwxauTIBu
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5298a19317afb1e35b75da89e49ef2b0_JaffaCakes118
Files
-
5298a19317afb1e35b75da89e49ef2b0_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 84KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
. Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA