Behavioral task
behavioral1
Sample
4025b5a1109ff025e290d1f56b900f66_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
4025b5a1109ff025e290d1f56b900f66_JaffaCakes118
-
Size
21KB
-
MD5
4025b5a1109ff025e290d1f56b900f66
-
SHA1
285e870123edc7a395a4aa2a91b12a4cbdd4f584
-
SHA256
ee4ecdcf3b03f928f5a8e83bb3232ebe6c597c35e033994b3a41966945710ca1
-
SHA512
d7a0497cc2f486f9c8707dd5a6aa107884096f766448981bb0925787d5cdf5b6b96dddda5b5ced52683252d63354b1bcca4cbeb30cf95824a6252c9d7d95cd51
-
SSDEEP
384:scKmlH7z77cGn4YZTKSucDNArRvj8KtUSpzLZ0nFxZVV3nJNpj+8QZ/Ee:sfmVL7y0T4cDNArZICxpzCLZVV33pS2
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 4025b5a1109ff025e290d1f56b900f66_JaffaCakes118 unpack001/out.upx
Files
-
4025b5a1109ff025e290d1f56b900f66_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 36KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ