Behavioral task
behavioral1
Sample
a5dc3007186ea544c2bdbb6b742ca702_JaffaCakes118.exe
Resource
win7-20240729-en
General
-
Target
a5dc3007186ea544c2bdbb6b742ca702_JaffaCakes118
-
Size
72KB
-
MD5
a5dc3007186ea544c2bdbb6b742ca702
-
SHA1
0ca041bbc0010162dffcc1613a7a4109929f051e
-
SHA256
f7df25f89e7da12873cb3c1c457b29efee9ac478b4f1e403d0dd8a52fde70b57
-
SHA512
42d5594eef3b18fa1b1ef86272d44e3f03af6292df2833c754e8c499889dd3366111ce0fa53af3af250de3346ebd52ff51e7a5073521b92355d292e9dbf4f51a
-
SSDEEP
1536:132coowNtcnA/pURG7f3vTjEU6o4usjU19xs4ETppuNH:V2coowrcceReXTjl4Vks1THuNH
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource a5dc3007186ea544c2bdbb6b742ca702_JaffaCakes118 unpack001/out.upx
Files
-
a5dc3007186ea544c2bdbb6b742ca702_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 96KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 71KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 128KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE