Behavioral task
behavioral1
Sample
685b2685baeb5d3216306bcdd5fbf41f_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
685b2685baeb5d3216306bcdd5fbf41f_JaffaCakes118
-
Size
241KB
-
MD5
685b2685baeb5d3216306bcdd5fbf41f
-
SHA1
b936a1bf77ea4a7fbdb7dd04bfe526e637c9f712
-
SHA256
38171c704e77004ebae0083d0b764c3b6113bb3586764e2f26d9f37636e4f936
-
SHA512
abb334e17bcd4d40a3d769381d97575eda403c93b29ea20e086bd9378be5bffa456998b43b71cd4034be81432c645798a620974bb7eaa1860102eeaa8d17b6eb
-
SSDEEP
6144:vaR0EM4GyS2Hh3/iWiACCLgHwe1gpU7yH/P:vaM4GyJlapCUHwe1gmyH/P
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 685b2685baeb5d3216306bcdd5fbf41f_JaffaCakes118 unpack001/out.upx
Files
-
685b2685baeb5d3216306bcdd5fbf41f_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 344KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 213KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 388KB - Virtual size: 384KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ