Behavioral task
behavioral1
Sample
10daysoral.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
10daysoral.exe
Resource
win10v2004-20240412-en
General
-
Target
f3c7f9aca2cd9b44de43998f13e303e8_JaffaCakes118
-
Size
265KB
-
MD5
f3c7f9aca2cd9b44de43998f13e303e8
-
SHA1
7f6918f4546021fa02d27e8c00c1cd5530d81a10
-
SHA256
ecb7d3d85d1933f955ce5a6a8d9a4aa1dbdae19fafabe219c3004fa78111b34d
-
SHA512
14358dcecce7bfb712a5a621a8a8a4b097c64f63d3f52a840eb83a0b21b33ed5bcb5ecb8e64d060f33e643f737e3e83ba6a2c25ec294f3e0a95cb3f701860957
-
SSDEEP
6144:4AQUvx8tB56OeHPf7mUmPvGdz5eAHWLa638GlINlLzVUP2xTYw+pN:46vOtB5zwrNSudzR2mgWZzK2x/AN
Malware Config
Signatures
-
resource yara_rule static1/unpack001/10daysoral.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/10daysoral.exe
Files
-
f3c7f9aca2cd9b44de43998f13e303e8_JaffaCakes118.rar
-
10daysoral.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 412KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 229KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE