Behavioral task
behavioral1
Sample
a5b0e1facf4e32c0ef456551e01983fe_JaffaCakes118.exe
Resource
win7-20240729-en
General
-
Target
a5b0e1facf4e32c0ef456551e01983fe_JaffaCakes118
-
Size
48KB
-
MD5
a5b0e1facf4e32c0ef456551e01983fe
-
SHA1
09c49f18f2534577cb5ae3a6c8983ee948f064d7
-
SHA256
cb4ef33d3350fd155856516eb81075959273934970aebabdae7ca0ae4a39ac82
-
SHA512
11f6d36a76e21279ac82e92be8a4235e9637b862c08aa08551bdea2692d0a05f37276a6ef4cdcec93864f1a57b1ff8f14efb37ff623a1d39152008ec3b875269
-
SSDEEP
768:2h1WKQj+dSd+s+oBjC/BDCaJQjPuJc5zh2j1mjZp2frmlIEULMsm:cfno0s+oBjC9X0Poc5gQ2frofULMsm
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource a5b0e1facf4e32c0ef456551e01983fe_JaffaCakes118 unpack001/out.upx
Files
-
a5b0e1facf4e32c0ef456551e01983fe_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 45KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ