Behavioral task
behavioral1
Sample
d6ba4372cab7ac394fb3833eee5b2935_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d6ba4372cab7ac394fb3833eee5b2935_JaffaCakes118
-
Size
1.7MB
-
MD5
d6ba4372cab7ac394fb3833eee5b2935
-
SHA1
9113d503ba6a6452dc2cd0e83c4dae66662cd07f
-
SHA256
b7f76dae58dbdf84f47534added731cf766f85863d546beee77451c5fd9e9daf
-
SHA512
9f86af4520a7d921a2a3c85d704eb3862f9fb4edec19040b00cf7b7d4a3f2a4c661bfbe2f0cfad0c5730d2eec44cb6d9a6dd231eb8a0959f199078c207c3afbc
-
SSDEEP
49152:1LC4N/YLXdRx1Y56rFyRVZXmutURNOH8YnUxBlqL6Z:1Ga/YLXdpY56rFyRm6Ei8NxBl9
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource d6ba4372cab7ac394fb3833eee5b2935_JaffaCakes118 unpack001/out.upx
Files
-
d6ba4372cab7ac394fb3833eee5b2935_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.5MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 102KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 516KB - Virtual size: 512KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 210KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ