Behavioral task
behavioral1
Sample
5306dcd9f88702220f232bc5aaa54f89_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
5306dcd9f88702220f232bc5aaa54f89_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
5306dcd9f88702220f232bc5aaa54f89_JaffaCakes118
-
Size
45KB
-
MD5
5306dcd9f88702220f232bc5aaa54f89
-
SHA1
141c30def7546fd219701f45c90ea6450639cc97
-
SHA256
63cbbe9fa72f33a0dc170a5fef25412605fdcd627a41208810c5d29c3763f489
-
SHA512
ada431ce15d485cc5fb492694b67b3fd2af73588c40f3a53f003bcfd9250d5da72576e9cf57a4573266e3d6caedb7fd906fdf5fefffe5b4496bb5d2712d7913b
-
SSDEEP
768:aSbbf5js4BFpNzfjAXRYLYqXK7oeffFkjMHCebM27ex7deVe7z2MmZ/Eb7tSeV:aSbbBjBv58oLaseX7CebP7IIJ8/tr
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5306dcd9f88702220f232bc5aaa54f89_JaffaCakes118
Files
-
5306dcd9f88702220f232bc5aaa54f89_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 25KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE