Behavioral task
behavioral1
Sample
43ea40b4cd3fb46b81f934aa2470db80_JaffaCakes118.exe
Resource
win7-20241010-en
General
-
Target
43ea40b4cd3fb46b81f934aa2470db80_JaffaCakes118
-
Size
31KB
-
MD5
43ea40b4cd3fb46b81f934aa2470db80
-
SHA1
5e4d5292fd4dab5b6d0285fe4e0df9ee6a274809
-
SHA256
7d587d5cc70950a7c4f12471ba41aff395f9a3f709520d241a569f2e66966a0f
-
SHA512
1978ade2333987fe23ba506c8a504ca4a1c9c6f182031419d52856fceca553a14336e8c1daa533ec9aab5d6889b3b7186953b429384a575d821fc9097677d79e
-
SSDEEP
768:qIcmI/CA04iZAbcTS2lXJFo7LDc+LAfh7hC145:HcmCz05AIm2Rzo7vc+LAp7Qq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 43ea40b4cd3fb46b81f934aa2470db80_JaffaCakes118 unpack001/out.upx
Files
-
43ea40b4cd3fb46b81f934aa2470db80_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE