Behavioral task
behavioral1
Sample
fe01eac950461a44e8c0ca277b61bce8_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fe01eac950461a44e8c0ca277b61bce8_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
fe01eac950461a44e8c0ca277b61bce8_JaffaCakes118
-
Size
192KB
-
MD5
fe01eac950461a44e8c0ca277b61bce8
-
SHA1
303d9011a72e3a203baed118f5007aa66fad3442
-
SHA256
4aa0b0702a027c593493c6be919e115e71b1effa7d307c31be49bfae45625b5e
-
SHA512
a9f4b91e9628116455204333b414d21599b15d8f252c69be41ac37ff410d6e3492d056b167e0b3caf04571b61abe2d9e204e076408c09fca9380f86be190e97e
-
SSDEEP
3072:BnDyK49tD5quvv1MUf4FdHyBhg+WYljT42ztz12S4wutqRy6ttR/a5s+2xcAnY1r:Bn/eRouvv1thHWYlHz12Zw4uTtphDn
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource fe01eac950461a44e8c0ca277b61bce8_JaffaCakes118 unpack001/out.upx
Files
-
fe01eac950461a44e8c0ca277b61bce8_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 124KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 183KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 145KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ