Behavioral task: behavioral1
Sample: d084e72ead8e57616e2d1af1fad6ea0a_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: d084e72ead8e57616e2d1af1fad6ea0a_JaffaCakes118
Size: 90KB
MD5: d084e72ead8e57616e2d1af1fad6ea0a
SHA1: 2b831314f6299adf8e5cab0fa4074e1eb235a200
SHA256: bdd79d28ef6349503362554d061450b179eb1cb824f272676a8910d846e20041
SHA512: 9597e92c21872bd78ff80eb4e5a028b11f8f76eea2863586da8939106946306716a5dec4a7ad626bbbaaf7f8a0192489d054096fc1666b999aef464be314b8f8
SSDEEP: 1536:+NH8KnGVqiikM6XDwF+uh6eyC3ny9GW0+6uzJvLtfOfwHcHGVFEQIi4iQM31zUoz:s80GV79XOf1n+bjN8HGUQcXM1zUTY9
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource d084e72ead8e57616e2d1af1fad6ea0a_JaffaCakes118 unpack001/out.upx
Files
-
d084e72ead8e57616e2d1af1fad6ea0a_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 168KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 88KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 172KB - Virtual size: 170KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE