Behavioral task
behavioral1
Sample
beb0f5a0bb224b3f12efcd00e06bc9c9_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
beb0f5a0bb224b3f12efcd00e06bc9c9_JaffaCakes118
-
Size
193KB
-
MD5
beb0f5a0bb224b3f12efcd00e06bc9c9
-
SHA1
bcb36344511a1da608b0425f4797a3d3a6f617af
-
SHA256
5477b69eec3448d3fd0e7ab60c2ae9eb359e1d85405a650e16238ca7cfd9b0bb
-
SHA512
7adbc22817a3209f0f74ace75e5b5bf807a1cef16af7124e9bc2d32cf0ccec1deb4c68ee69d67b766e2ba838f6e246bd2810b656531982e7669c3481422d73f2
-
SSDEEP
3072:/9LOYHBxx9AkvnD/raYI4BM/rU0BJd+YI1dEUu44zRVwF+nIbLUcBhvg:/9LOY3x1PD/M/Q0fUruzn4Uc
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource beb0f5a0bb224b3f12efcd00e06bc9c9_JaffaCakes118 unpack001/out.upx
Files
-
beb0f5a0bb224b3f12efcd00e06bc9c9_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 48KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 167KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ