Behavioral task: behavioral1
Sample: 23fc32ac9e231cac1291f1c73413ec84_JaffaCakes118.exe
Resource: win7-20240508-en
General
Target: 23fc32ac9e231cac1291f1c73413ec84_JaffaCakes118
Size: 292KB
MD5: 23fc32ac9e231cac1291f1c73413ec84
SHA1: 100f30713863302eb87df17e9074bf067f87cbbe
SHA256: cf8c6cf9b2cb5f120d22bc6d6d8b053c5b29e3b230ea9445c838e0da46c24d28
SHA512: 95b6d6e397032ee09f701c39fcc1f0de71be64a3b46e3116d9f93c213eb0504910190bd3cf6253909847e87e4492f020f60001e7845a9b830c23d33babcb1b51
SSDEEP: 6144:uaZZ2+A8Zpzz0HYYpQWBmQqMBUAW4HZsgF+W05D0n2QAruQbdxsX:D2+b3zzXYpBmK+AW4ZFInQAA
Malware Config
Signatures
resource: sample - yara_rule: upx
Unsigned PE (2 IoCs)
Checks for missing Authenticode signature.
resource: 23fc32ac9e231cac1291f1c73413ec84_JaffaCakes118, unpack001/out.upx
Files
23fc32ac9e231cac1291f1c73413ec84_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ