Behavioral task
behavioral1
Sample
6a494e6a3774354ba620bec22110bcca_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
6a494e6a3774354ba620bec22110bcca_JaffaCakes118
-
Size
161KB
-
MD5
6a494e6a3774354ba620bec22110bcca
-
SHA1
53e94ea9a49e45aba897007b529196010b2af248
-
SHA256
5ad18cae71309724e732797303cdd9e9691b7f37d67c58eec56fbdc8cc864a98
-
SHA512
5ac47a55660d4ad4f562e11033087c7aaa6a39923d093403d7631667bf65736fe389635623e6da36b3664520d8517f8717ac59a523df4b8382ea93ffde7a8d56
-
SSDEEP
1536:SjPzy7rAVb3n3gX72IEJ5NwE4G/a3hd+g/csQwF7bWZ4pDv:YPzyXANQX729D4G/aR3LF7bD5
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 6a494e6a3774354ba620bec22110bcca_JaffaCakes118 unpack001/out.upx
Files
-
6a494e6a3774354ba620bec22110bcca_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 272KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 47KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 113KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 264KB - Virtual size: 261KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ