Behavioral task
behavioral1
Sample
a9a5537295b6f11813bfe0292533b703_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
a9a5537295b6f11813bfe0292533b703_JaffaCakes118
-
Size
567KB
-
MD5
a9a5537295b6f11813bfe0292533b703
-
SHA1
bd1d78bc6acafdc59573e9f365d8448cf1eda865
-
SHA256
fb32fc67b59c6eb9657452f8e84bc99725cf58b472a6eba5585c9119afb74032
-
SHA512
b218f60c1fea5c24026d6de62e0144b004ef5098d5fb52c7a98ba4fa886541e529dc559a508cf8c098eaf809c1b008c3f2b626399423564474b6a07ea1ba6b75
-
SSDEEP
12288:zrXTJ+zAF4/LaEEACSGKyUxya90R6oxLKmoc6JyfhvETNe6oS:zJ4OG7GNU/q6uodJCvET
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a9a5537295b6f11813bfe0292533b703_JaffaCakes118
Files
-
a9a5537295b6f11813bfe0292533b703_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 4.7MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 562KB - Virtual size: 564KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE