Behavioral task
behavioral1
Sample
ddfa98471e6c2c794d19589ff2e5aa65_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
ddfa98471e6c2c794d19589ff2e5aa65_JaffaCakes118
-
Size
141KB
-
MD5
ddfa98471e6c2c794d19589ff2e5aa65
-
SHA1
bac4b724eb7cac9184c6d8bd811dbc7560a859aa
-
SHA256
8e6cc85e32e3f0b9ccf9cae5258cd43e603dffaee01835dfe0d7fb5dc5d10821
-
SHA512
1d0fc0208d8f956f77f52a0d1333c30d87fcaf171b1f5b5af0fb45792a914739dff3f7aa4cae2782941b2c9c2b1263f1f0278206aae62783a22af694001304a4
-
SSDEEP
3072:SqF0bAiyVvCXu4aZDTxPWbosXI+y7uffng58ujDZx+iQdP7U0:Q/yVWa5dWbosQYZwzo
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource ddfa98471e6c2c794d19589ff2e5aa65_JaffaCakes118 unpack001/out.upx
Files
-
ddfa98471e6c2c794d19589ff2e5aa65_JaffaCakes118.exe windows:8 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 188KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 139KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:8 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 123KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ