Behavioral task
behavioral1
Sample
0c1fe0de251265d688da8f8e116d0e6e_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
0c1fe0de251265d688da8f8e116d0e6e_JaffaCakes118
-
Size
37KB
-
MD5
0c1fe0de251265d688da8f8e116d0e6e
-
SHA1
e0cca0b6070d9cc39ce08aeb6788d49308b1e2ef
-
SHA256
f37d7252b9e2766e275b4db216e0490ac71f31ad3be938d8e2797255c2d73819
-
SHA512
124c9638540b4bdd670cb863ac9dca4c245407253cae9851556384b994c1542713ccbe7367e97662d8cf3e7150496e3d66f67751e14455c5d92c21e3e883c32d
-
SSDEEP
768:9JBgjvlC+dTcPcV1+/qDSbJP8AF20vWYcwRYD9Uxa9StOXZpe4N4msw:BCC+PmwS1PX2dYcwaDOo9StOp5r
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 0c1fe0de251265d688da8f8e116d0e6e_JaffaCakes118 unpack001/out.upx
Files
-
0c1fe0de251265d688da8f8e116d0e6e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 52KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe .wsf windows:4 windows x86 arch:x86 polyglot
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ