Behavioral task
behavioral1
Sample
ff296a47ee9aae7f8d87ca411d66a683_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ff296a47ee9aae7f8d87ca411d66a683_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
ff296a47ee9aae7f8d87ca411d66a683_JaffaCakes118
-
Size
18KB
-
MD5
ff296a47ee9aae7f8d87ca411d66a683
-
SHA1
0308b1ae3ef13c3ac337990482b37f398bc4215a
-
SHA256
05efb901b271c56fc7fa3c368c1202070bcd7a3af2273b323c9456ca5f7b56fa
-
SHA512
f59f4f7005e6e04d8be6be965a242a167c77090d5b65f446e5312bd76b8519c9b698a4ebe751f33e6b38b4d7e22fa24d205c7c3c73ee7ddb3bc3e3e6fa339d21
-
SSDEEP
384:3d3J1bCHivCr6Yc/NX76Mi3A6/JsQn7EYrKMOMnW/ppCNV12cg/JHvS1:1J1bCCqrZc/NXmMi3fvgMOMmeV4FK
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource ff296a47ee9aae7f8d87ca411d66a683_JaffaCakes118 unpack001/out.upx
Files
-
ff296a47ee9aae7f8d87ca411d66a683_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 300KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE