Behavioral task
behavioral1
Sample
f7b0cdc9d7a20b55b5ece91e5fb72fbb_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f7b0cdc9d7a20b55b5ece91e5fb72fbb_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f7b0cdc9d7a20b55b5ece91e5fb72fbb_JaffaCakes118
-
Size
6.0MB
-
MD5
f7b0cdc9d7a20b55b5ece91e5fb72fbb
-
SHA1
a21e08ad0100b6c4386c5d2a7f5d4afe80367bdf
-
SHA256
13cee193c2da0e1c39f5d8d9b0cd89d363523c7380b4c9749d1c164f476e95a7
-
SHA512
7d668e92e56fba0228b5e3602b1fcdf1ed714f32fe00f9b8d9e60e1077fe6fb4096a34e030de2e2977b2c7438d37fbb354723142bffba920461bae299abed6e5
-
SSDEEP
196608:47effIPEsy58doQaTzwZ8Jq3ELhf8cHpLG8doQUofydE0xi58doQpKnybCXbv1hD:47effIPEsy58doQaTzwZ8Jq3ELhf8cH1
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource f7b0cdc9d7a20b55b5ece91e5fb72fbb_JaffaCakes118 unpack001/out.upx
Files
-
f7b0cdc9d7a20b55b5ece91e5fb72fbb_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.bss Size: - Virtual size: 114KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE