Behavioral task
behavioral1
Sample
b7fdac158bbb185d4dd7937a5c85f1f6_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
b7fdac158bbb185d4dd7937a5c85f1f6_JaffaCakes118
-
Size
84KB
-
MD5
b7fdac158bbb185d4dd7937a5c85f1f6
-
SHA1
a2da309e3de805019b3693123eb6b5a264d5e4f9
-
SHA256
2f8262cbe82beb940a348d6bf3bd70d7c4e449501a17eba79a6d4a4e50e975cb
-
SHA512
c3c22dff067d685302f23a6199f8ceb3a1a7d3cf1f145f328623f8d1dea2bfc2917bdca5ea50b59a8dd2a2bdbf9dec7c46dc8e3a31340322136cc0068223ee16
-
SSDEEP
1536:W9KDxJhNjADbyDJUR5d0NA+SLGiMPL71mF1iqlRxQRO+N:D1JjUOfSLGiMj71mLiqlDQRf
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource b7fdac158bbb185d4dd7937a5c85f1f6_JaffaCakes118 unpack001/out.upx
Files
-
b7fdac158bbb185d4dd7937a5c85f1f6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 77KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ