Behavioral task: behavioral1
Sample: b3602f01ca1d20ea7f44e675784f1a37_JaffaCakes118.exe
Resource: win7-20240729-en
General
Target: b3602f01ca1d20ea7f44e675784f1a37_JaffaCakes118
Size: 15KB
MD5: b3602f01ca1d20ea7f44e675784f1a37
SHA1: 465ae24fd2b9f28a6dd68380ae36cd3118ffe2e6
SHA256: f2a83879d5e622e6f1dd886cb5530ea01e134b71d8bb6a1d7880121082bcbc43
SHA512: 674bb9f286eec5bbe283ffdcd7db251a5a537fd074df318fe704a38dcb162dbaa1f00bc27af3287b54589bad0f7b7089665f8d75e474c939e6900b0e50c75c21
SSDEEP: 192:igFboAu72aHkfnk4haZyxBytHKIskF6ChvrbRqZhs0DRl8iz+CtBl3dWU0wE:igV8SvkmaZ1xKO6ChvXQXbtBl3dnE
Malware Config
Signatures
resource: sample, yara_rule: upx
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource: b3602f01ca1d20ea7f44e675784f1a37_JaffaCakes118, unpack001/out.upx
Files
b3602f01ca1d20ea7f44e675784f1a37_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 12KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ