Behavioral task
behavioral1
Sample
8d5f43e21af3994cebbeb6b8d11458aa_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8d5f43e21af3994cebbeb6b8d11458aa_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
8d5f43e21af3994cebbeb6b8d11458aa_JaffaCakes118
-
Size
9KB
-
MD5
8d5f43e21af3994cebbeb6b8d11458aa
-
SHA1
a4dec61efe279e174397e349124be680fd41b9de
-
SHA256
d5dbd77fe2435ba342a8a3fa88a01371b20442694f7deb7dd5cdf98d23954c5e
-
SHA512
df4d8baa6ff7a1de4e1f9d31f984f7d370ed486e07ba39671390e1747e779ca295417bbf5877fc5baa33599bd667bec3345bb9552928edae049f99ddb8be5cac
-
SSDEEP
192:L+itcyanyrJsS4kTEOn3jJjEBNcqORLWHHQvKohCRPOARFw:LDcdydsS4kr3NogtbvtPA8
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 8d5f43e21af3994cebbeb6b8d11458aa_JaffaCakes118 unpack001/out.upx
Files
-
8d5f43e21af3994cebbeb6b8d11458aa_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 160KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 302B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 776B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ