Behavioral task
behavioral1
Sample
2eae32a342013d2cbf6104c491f81e9f_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2eae32a342013d2cbf6104c491f81e9f_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2eae32a342013d2cbf6104c491f81e9f_JaffaCakes118
-
Size
97KB
-
MD5
2eae32a342013d2cbf6104c491f81e9f
-
SHA1
e88261c5d22824c8fb7f9a109a8d57b30f8bd7d1
-
SHA256
1dc3b2025847730231f451d24e00348e18cdca605195ea3e2b14363ba3da8e9d
-
SHA512
e4c5c98c58ae91256f58c6c3e65c196c3565ff6fdb6407e0362f142a6875a50b04b59f383d6a158be3d1d3a03f83a2cc855d550e272cc4d22f343ec02f737aab
-
SSDEEP
3072:wnsFJ5urLRC4WSr36WUCWyEPUoOQdJsX/o4R57:wn+qLRC4WSbxUVxJsPo4n
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 2eae32a342013d2cbf6104c491f81e9f_JaffaCakes118 unpack001/out.upx
Files
-
2eae32a342013d2cbf6104c491f81e9f_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 148KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 208KB - Virtual size: 206KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE