Behavioral task
behavioral1
Sample
3fa867f9a9195a43398884e42546aa42_JaffaCakes118.exe
Resource
win7-20241010-en
General
-
Target
3fa867f9a9195a43398884e42546aa42_JaffaCakes118
-
Size
145KB
-
MD5
3fa867f9a9195a43398884e42546aa42
-
SHA1
09b7b880a85ba1e11236fea772f9f2e8410b341b
-
SHA256
d1e299776ce853f4ca4fd458455e2a3e61d663fb6dd5b7ddb5acd1e92b66f4f6
-
SHA512
ba985a7e3d25f27f04788a60a15b4597938a3925cb66829f2e68e5e4f1ef402749a7980f537b8072a27d6bba60abc0a6497edea4457de5daa9adb3916cb14529
-
SSDEEP
3072:apGt4e2NB6s6Xwg1+YwrPLkXYHsTuKt5o:OIiB6/XLUYw7gMs6K4
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 3fa867f9a9195a43398884e42546aa42_JaffaCakes118 unpack001/out.upx
Files
-
3fa867f9a9195a43398884e42546aa42_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 284KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 141KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 408KB - Virtual size: 407KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ