Behavioral task
behavioral1
Sample
29de2563a7f54722a3475345f731ee16_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
29de2563a7f54722a3475345f731ee16_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
29de2563a7f54722a3475345f731ee16_JaffaCakes118
-
Size
162KB
-
MD5
29de2563a7f54722a3475345f731ee16
-
SHA1
c03a3233e5c7294db29d4bf66c9a17c1f265cddc
-
SHA256
f198339b805b6e8fde47d79c391f4db4c280dd12e5144704015d2f1ce5ddf61e
-
SHA512
c521101842037106c96a28c59ff06111dff1985a64c8d1fe22f6634b35db4be10212d351ccb4d6599f57a1a20a4a826faa5e6532e18d3dd985a3dac9be281a0b
-
SSDEEP
3072:rOgpp9ARzWvkPeX+O4WylbzxUMyhdSQvdh6m8OBeETioM:Ck+RzKlXuWEbzxU5dSiPBeAio
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 29de2563a7f54722a3475345f731ee16_JaffaCakes118 unpack001/out.upx
Files
-
29de2563a7f54722a3475345f731ee16_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 288KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 161KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 412KB - Virtual size: 409KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ