Behavioral task
behavioral1
Sample
099923485f53b520947293618cb13ba9_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
099923485f53b520947293618cb13ba9_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
-
Target
099923485f53b520947293618cb13ba9_JaffaCakes118
-
Size
89KB
-
MD5
099923485f53b520947293618cb13ba9
-
SHA1
f850ef71f85a38758f24acb0563e35b235b19f4a
-
SHA256
ca77f739f23423fc177f33a5b0af93b17d08d421e5189edcddb2cdc561c14f8a
-
SHA512
7efdde1b70a43aebba7c1fc10df3dea40e05ad9c514cfedc55881e7c1700ecf0076782fcdf16a9fe2278773d8186d49e9dd82bea8f25449b285636c595d52550
-
SSDEEP
1536:leMDn/a8bM3kDN4jCIwO+fT77BTHZJla6ifi9woC9DlHSMn49Eb2eGF:leeiZMN4+IwO+fzBT5Jg6i+wHDHSM49p
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 099923485f53b520947293618cb13ba9_JaffaCakes118 unpack001/out.upx
Files
-
099923485f53b520947293618cb13ba9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 176KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 73KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 93KB - Virtual size: 92KB
Size: - Virtual size:
Size: - Virtual size:
Size: - Virtual size:
Size: - Virtual size:
Size: - Virtual size: