Behavioral task: behavioral1
Sample: d1067c34049cb40c6852e3b2cd81a274_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: d1067c34049cb40c6852e3b2cd81a274_JaffaCakes118
Size: 320KB
MD5: d1067c34049cb40c6852e3b2cd81a274
SHA1: 458973982d70e18c74c45fee935452c95f336da7
SHA256: a2f7f1c54cd5d7e1c25b2510bfe12638c2389d80e897a02a1f013baefcae2738
SHA512: f0cf5f281dc27ec0835cb57909b52161e6992264576921c523e8eebc18cf600aa95e98b878fc6d43e2bddd6c0bbabf3619cc3343deea78f5a8f84f854c814ef9
SSDEEP: 6144:gqUfNp5n5LDO3VokI7BCo6iNR9mpknJq7DgD:gqUfNh/0VokI7BCiNfekJ1
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource d1067c34049cb40c6852e3b2cd81a274_JaffaCakes118 unpack001/out.upx
Files
d1067c34049cb40c6852e3b2cd81a274_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 904KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 147KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 968KB - Virtual size: 967KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ