Behavioral task
behavioral1
Sample
a0eff75e21d12de5f78b5b0e736f4d4b_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
a0eff75e21d12de5f78b5b0e736f4d4b_JaffaCakes118
-
Size
70KB
-
MD5
a0eff75e21d12de5f78b5b0e736f4d4b
-
SHA1
5dda4c0c8ece0693b5c651de478d20ef5935ba9c
-
SHA256
bbd392a39f74d4bc6aed483883b86ff38e451b050b84a0a7e0ff0240bbe98944
-
SHA512
63b1b6d4ccb21bfc216b910efe41c454228fd232648ca392a84d4e55ddb348bb18bf06e80bce5482052f3b447139c5ccb231da1a3808205b2e4875084509ee22
-
SSDEEP
1536:ZT6SSWKfLqqaTzYd4e0dxPBXpgBpAe1xXyF:ZJIUEd4/gBpB7Xy
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource a0eff75e21d12de5f78b5b0e736f4d4b_JaffaCakes118 unpack001/out.upx
Files
-
a0eff75e21d12de5f78b5b0e736f4d4b_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 84KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 65KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 65KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ