Behavioral task
behavioral1
Sample
fe348d4619cbc8728a0c2e95579e9c8f_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
fe348d4619cbc8728a0c2e95579e9c8f_JaffaCakes118
-
Size
75KB
-
MD5
fe348d4619cbc8728a0c2e95579e9c8f
-
SHA1
ae14a17d163e169080c2a6cf694b86153abb0efe
-
SHA256
45b72637bd0a5d37d8d18ae08dc321cf70e31a746cb7a504bac3630d916efd62
-
SHA512
382d1c47c7fc3b7f703eb97f6773b6958b8a7bb23e1b6dd415805d014d8e23c4fad3602e0c8aee8bb4cfa777b896e643b7919efd8021578985b5394f741bfd40
-
SSDEEP
1536:hSj50wzvOyybTJ5ez6WpjY/9embtgGapTiDdrHUgOPkaln6Z+XF8JO26:hc0wmyy55ebB2BgPpeDdr70kuI+XF8kp
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource fe348d4619cbc8728a0c2e95579e9c8f_JaffaCakes118 unpack001/out.upx
Files
-
fe348d4619cbc8728a0c2e95579e9c8f_JaffaCakes118.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 348KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 398KB - Virtual size: 398KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ