Behavioral task
behavioral1
Sample
0913efe8811f6ad6a93e91685cba74ac_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
0913efe8811f6ad6a93e91685cba74ac_JaffaCakes118
-
Size
64KB
-
MD5
0913efe8811f6ad6a93e91685cba74ac
-
SHA1
bd8993a933dab60d6d11f59c7cd49eeb25d25dcc
-
SHA256
ba518c7cedef8f5436c7d1b35c0548c822b0fcfd0d6b33e3ea5507ff9dcb9464
-
SHA512
cb1ac261797ce1cc7260decec235abdce532cee775c8a034a81558d8261fd81163bb7257aac70571712757288b2a494adaae78d36a0302640e674955791f7851
-
SSDEEP
1536:ld6Slkn0b5uSZmh82LXMptuGsuSEwg21D76Y90iVmQX:ldNmn0ISZNOiuGsudwzh2Y953
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 0913efe8811f6ad6a93e91685cba74ac_JaffaCakes118 unpack001/out.upx
Files
-
0913efe8811f6ad6a93e91685cba74ac_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 49KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 90KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ