Behavioral task
behavioral1
Sample
2648f77a6c26d24fdf6728c619b9f310_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
2648f77a6c26d24fdf6728c619b9f310_JaffaCakes118
-
Size
47KB
-
MD5
2648f77a6c26d24fdf6728c619b9f310
-
SHA1
5e6c3c594f72b57a692a8b6e4c79f851378c89b6
-
SHA256
01a27f1ce80da1daacbd6088f22c1ef274cd96a44f2415dd066a99728ce49df0
-
SHA512
263537e62b78a2b7a2ea4d8c62c12625535061d2e25cd7833b0e19c7ac0bb25ba1928c0c779e4792018d5b687fabf290b2fdeabea526d64a3d4039632476d845
-
SSDEEP
768:EvIQMy9kGAl7OdH5gm0Gubta5w3HcX5MV+lhH4IgQ4SgPSBOn6ATl3twjCOPSyPh:Ev9nql7Q5gmllw38SkiPcjAzwjCKSyoo
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 2648f77a6c26d24fdf6728c619b9f310_JaffaCakes118 unpack001/out.upx
Files
-
2648f77a6c26d24fdf6728c619b9f310_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 72KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ