Behavioral task
behavioral1
Sample
fd7669f109dad07bdb0ea16e3b6e258e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fd7669f109dad07bdb0ea16e3b6e258e_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
fd7669f109dad07bdb0ea16e3b6e258e_JaffaCakes118
-
Size
19KB
-
MD5
fd7669f109dad07bdb0ea16e3b6e258e
-
SHA1
5348732b03ea1f23d4282de882f3b1d9b4aeda3a
-
SHA256
b532aa065dd5bd5bf9894329269ddc9b2a90fc2743fa724b3c96d013dbe19454
-
SHA512
8e920964e37f531eee5e7c27f7279931278d312160d1948c79aeb284e0a3ccda2d1ed5ecab8028efe654a5689ccabb84c6170ba30e327a8d05d48bd20d3dd705
-
SSDEEP
384:Uyid+UmY+ITNWst16+pHJ2PAQmC2S6lHoOMNlvYRzZvwcuH6D9s9+q/P:UyiKY+ITdtU6EIlFSBO6KRzFZQT
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource fd7669f109dad07bdb0ea16e3b6e258e_JaffaCakes118 unpack001/out.upx
Files
-
fd7669f109dad07bdb0ea16e3b6e258e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ