Behavioral task
behavioral1
Sample
28e0a61f7fd15782aa4aed91b062680a_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
28e0a61f7fd15782aa4aed91b062680a_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
28e0a61f7fd15782aa4aed91b062680a_JaffaCakes118
-
Size
45KB
-
MD5
28e0a61f7fd15782aa4aed91b062680a
-
SHA1
a9da5c464ae142cbc99831ec32e183f7d6508494
-
SHA256
5b514cd0886c66d75dd790ebb4240b6b938b7bf1a2d52990be28018523220de6
-
SHA512
b4ca29e30a15af40ea4b10268ec4d5f5e4083aecc330d1f98c5a3afed475cb43de97abfc970cb6796ba0ee493a6d373c00e048f7d20b80068c978cc407b04670
-
SSDEEP
768:SCIqdH/k1ZVcT194jp4AfcdBwsHuxE08zUK66VkqdtE/izTgPMnkpo+t+6cC1+pp:SNqaLV8a6AfcdKT6UVI7dtE/izQMnkOZ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 28e0a61f7fd15782aa4aed91b062680a_JaffaCakes118 unpack001/out.upx
Files
-
28e0a61f7fd15782aa4aed91b062680a_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ