Behavioral task
behavioral1
Sample
846d6c5e182c147f32004ea242d8635d_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
846d6c5e182c147f32004ea242d8635d_JaffaCakes118
-
Size
100KB
-
MD5
846d6c5e182c147f32004ea242d8635d
-
SHA1
aa29aff408f3016ff4a66ba76d95840ef7e7bae8
-
SHA256
52e188edfcaaeab766d942f873118ece63d9fd9bce21cb3fb4ccc5218fe0e077
-
SHA512
42b32bdb6c5bfd4801e59b4c52bf568d8a8d4482f6f65aea9365e42743580e3c1a98b0a007fc0cc01f034e03f3ef6a6f7d2c48fc00902b2a9bc6a8fb176ad40e
-
SSDEEP
1536:MTI/K5N5qQw3B6IA3D63nwfPEiOGx5gSKISNEIBXqvbwRHPK7iaw7q3cj:MTZ5W39AG3nwnzKISigqy9as
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 846d6c5e182c147f32004ea242d8635d_JaffaCakes118 unpack001/out.upx
Files
-
846d6c5e182c147f32004ea242d8635d_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 168KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 95KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 177KB - Virtual size: 177KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE