Behavioral task: behavioral1
Sample: 811036a3041ccfc11e788cff17461f3e_JaffaCakes118.exe
Resource: win7-20241010-en
General
Target: 811036a3041ccfc11e788cff17461f3e_JaffaCakes118
Size: 362KB
MD5: 811036a3041ccfc11e788cff17461f3e
SHA1: 7b7cb77e2dc5cfc36137b199fbff0d4c796f8787
SHA256: a9e7fe11e388104ec8a387cb10a8dd184c47e7eef0e69e004c5d6388291b99a9
SHA512: d6db18e90db37409d91aaf0717a10f4e300aa3e0ab44ada5d98a3df83bf50a54ac1ab491f222eb91a40f49abd8a2ff50549c51d8b41d59b3f79fb33c7b8df2bf
SSDEEP: 3072:Lk59fo2r2f0oJDib8iLws7ngPZwGj9Tf8:Lk7o2r2fj2P8sbgWGj9o
Malware Config
Signatures
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 811036a3041ccfc11e788cff17461f3e_JaffaCakes118
Files
811036a3041ccfc11e788cff17461f3e_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 232KB - Virtual size: 232KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 73KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE