Behavioral task
behavioral1
Sample
bb1a01751323e0d2dcfa0d07f3cea4c4_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bb1a01751323e0d2dcfa0d07f3cea4c4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
bb1a01751323e0d2dcfa0d07f3cea4c4_JaffaCakes118
-
Size
96KB
-
MD5
bb1a01751323e0d2dcfa0d07f3cea4c4
-
SHA1
96005249cf4971de3e9a574886b8cdffd0e054a5
-
SHA256
fc1cb5cc51082d67a2a10f268f177d73e4867de899c92bffd47ae92306b1ac06
-
SHA512
4e4246a1fa4e1e4aaa7e107566b70553437e7a38932d232d9007bd0c4ec9856c0f3c00ee207c622d8b603b0a9746d25d5bddeb3a84e6c2a46e36890451468a34
-
SSDEEP
3072:0tTr+/ZmLSepD00a19HYwLm/ieLZZ3DR6:7/mXanYwL4b4
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource bb1a01751323e0d2dcfa0d07f3cea4c4_JaffaCakes118 unpack001/out.upx
Files
-
bb1a01751323e0d2dcfa0d07f3cea4c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 144KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 94KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 204KB - Virtual size: 200KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE