Behavioral task
behavioral1
Sample
dffe2d6fe07cb0ca622d52de264dfbf2_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
dffe2d6fe07cb0ca622d52de264dfbf2_JaffaCakes118
-
Size
9KB
-
MD5
dffe2d6fe07cb0ca622d52de264dfbf2
-
SHA1
36a06be8de240a296d6e53fea15fcc7825d835cc
-
SHA256
1cdeba0ce712cd4c73aac78ab78394a351731c076874080d844d4683ecfe94b1
-
SHA512
77ae3fc2cf5728f10ee5a2aa960e2f70099b0b2f78178b802a7ed3fc5beef064756aed35c11c55ef53cc2378b5347d24813b8a14cc7ce4d6b1a5e13e9eb8780c
-
SSDEEP
192:H4/6Fd8EQvFKxmgHROT+dkJY5lJ6oYGu:H4+8EQ9WJxOT+dboGu
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource dffe2d6fe07cb0ca622d52de264dfbf2_JaffaCakes118 unpack001/out.upx
Files
-
dffe2d6fe07cb0ca622d52de264dfbf2_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ