Behavioral task
behavioral1
Sample
bbe1adbd70567fde66b54c4fe5000ff3_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
bbe1adbd70567fde66b54c4fe5000ff3_JaffaCakes118
-
Size
84KB
-
MD5
bbe1adbd70567fde66b54c4fe5000ff3
-
SHA1
a9e9e87aa466095c7b1dac998c74354225069482
-
SHA256
47a90dcca1218aa812933094d9f28006acdda49644f357f7b99f6777fbbe4129
-
SHA512
32cb90220cc11f23dfff87d478124bdd5d722e25b0a1f49ba1f4001cdc7abee53b430210878f1fd8306aaa91fbe4d12a261f9c3329fca032675d2418de129ba8
-
SSDEEP
1536:Pv4fOvr3123/HGxZ6cqQf9jwXaNY8YKquC9gbdC8NP9GLs5HGZwVwqE:YWvr62TqOEaRYVzg5C8NFv5mZpp
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource bbe1adbd70567fde66b54c4fe5000ff3_JaffaCakes118 unpack001/out.upx
Files
-
bbe1adbd70567fde66b54c4fe5000ff3_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 81KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ