Behavioral task
behavioral1
Sample
b4d0d453251afbfe2b565a9c378a79e9_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
b4d0d453251afbfe2b565a9c378a79e9_JaffaCakes118
-
Size
753KB
-
MD5
b4d0d453251afbfe2b565a9c378a79e9
-
SHA1
e141ddad43865a5ac3ed79db48a131b04abd612b
-
SHA256
467d88395742f7f99d23c6058d4123575db00e96bca2f7ce4d17b7b769cd77dc
-
SHA512
eb07b417a48af6a318d3dec7a4dc03cd826e5a313e363750fd46af973f4887b2a9808a7b9c5c64f54d1b72c6d20bbe24ccbe6481d6590b63fc6ec6be0ba5a9b8
-
SSDEEP
12288:TAMvDQeBBrgObs+wALF9NItmBu1ez1upQywmuGNS7RxrXbxdzhUGHepqWqbrxyK5:37QeBBrJs+wAL9I6pupVwPG8r1d1WMLW
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource b4d0d453251afbfe2b565a9c378a79e9_JaffaCakes118 unpack001/out.upx
Files
-
b4d0d453251afbfe2b565a9c378a79e9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 840KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 751KB - Virtual size: 752KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ