Behavioral task
behavioral1
Sample
f6074919c50ac0772d3b348d884391d4_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
f6074919c50ac0772d3b348d884391d4_JaffaCakes118
-
Size
406KB
-
MD5
f6074919c50ac0772d3b348d884391d4
-
SHA1
376a261a7b4d5a62ad9b63ecb12f042a46b582fe
-
SHA256
160a7dc52596476a5f03820d7e04227f7e44ba4370581db1a0fc3ba7bb614b85
-
SHA512
012c93d8d0c98cc464ff04941fb86d8c06128260554d831be595e4067a7325bcdf3a6efc8038f62688a3f1eae95773ca678bcf7ecc7532a530e5f4e7683e551b
-
SSDEEP
6144:/P1Xp23//R2gvDWlmfDfXWbyYEsi1+BAG4W+4OyqpIeJPtVDNQcQGH44ytT9gx/:/PtM3/wOfDeG6iVG4hpjRYHtTKx/
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource f6074919c50ac0772d3b348d884391d4_JaffaCakes118 unpack001/out.upx
Files
-
f6074919c50ac0772d3b348d884391d4_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 928KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 401KB - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 600KB - Virtual size: 596KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 268KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 376KB - Virtual size: 375KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ