Behavioral task
behavioral1
Sample
62d68e40daee618e31926561d8dca656_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
62d68e40daee618e31926561d8dca656_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
62d68e40daee618e31926561d8dca656_JaffaCakes118
-
Size
142KB
-
MD5
62d68e40daee618e31926561d8dca656
-
SHA1
f6a411976db212064074330ee369e2f8203d8baf
-
SHA256
87360ca0c19799584efeb077c8327f15ed84c3d3ebf116ec62fc53e61c46680b
-
SHA512
bab29b0992555966de4052cc81d2e73ac42d1ff5454eb3548273fb911dc779019306d01e91ee7e889c1b43a0a4f5951bedf500fc9cf07c4debf58cefe035d516
-
SSDEEP
3072:V3JQEefpv8kZhoN/FgrejAx6GXM+Ld/SAve6Ao:B7O8arejCnNLI8v
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 62d68e40daee618e31926561d8dca656_JaffaCakes118 unpack001/out.upx
Files
-
62d68e40daee618e31926561d8dca656_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 134KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ