Behavioral task
behavioral1
Sample
0318050dc1f2db4decb1c35ff14c9f20_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
0318050dc1f2db4decb1c35ff14c9f20_JaffaCakes118
-
Size
491KB
-
MD5
0318050dc1f2db4decb1c35ff14c9f20
-
SHA1
9cd145edf40dc7103a62d7ea37eb48c742b87c78
-
SHA256
dc182c05f3d1b2710d167128eaffa5ff77764bdd359524947fe874826a8bd637
-
SHA512
ce8515d2b7a01877cb5d9734eaad561acf12e4f433e1e0d2c47f8d263adf0603a1c1e4f9b0f2d0725e588b2f5aa8339c1302fb8622ab76053ee34790361f7aca
-
SSDEEP
6144:aS6vcuW4uS/r8I69xfskGcIUuwdqIeoQzJPyJssJ4R/kM4fdFN5/UAPeXcFcU13U:aob4uhB9NsknLSHlQ3T5sAPGM1FTdTc
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 0318050dc1f2db4decb1c35ff14c9f20_JaffaCakes118 unpack001/out.upx
Files
-
0318050dc1f2db4decb1c35ff14c9f20_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
52HK Size: - Virtual size: 652KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 463KB - Virtual size: 464KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 524KB - Virtual size: 522KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 276KB - Virtual size: 273KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 257KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ