Behavioral task
behavioral1
Sample
894d75e316586edebe9cf85d05e5a2c2_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
894d75e316586edebe9cf85d05e5a2c2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
894d75e316586edebe9cf85d05e5a2c2_JaffaCakes118
-
Size
8.8MB
-
MD5
894d75e316586edebe9cf85d05e5a2c2
-
SHA1
a6a337e08fa3f288b8bd9a2c5d645ac53379b358
-
SHA256
956ed86bebd0d1c27f0936c47137258e5dca23435658788297dc74bbeeb10297
-
SHA512
ce734dbbcc789795f5302ce4f316389f406cacaaaebe4941d3dd4bcecf3caabcc8800380da4219114aca32b5fdf78dbaa458945741a9647d8da1de998514ecb6
-
SSDEEP
196608:47effIPEsy58doQaTxLhQyZbIly38doQalArdfehQM2gsyVCQlXlAryfEQuMozkO:47effIPEsy58doQaTxLhQyZbIly38doe
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 894d75e316586edebe9cf85d05e5a2c2_JaffaCakes118 unpack001/out.upx
Files
-
894d75e316586edebe9cf85d05e5a2c2_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.bss Size: - Virtual size: 114KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE