Behavioral task
behavioral1
Sample
bba9bc42e2c616f5fe42a83dc440b3ae_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
bba9bc42e2c616f5fe42a83dc440b3ae_JaffaCakes118
-
Size
298KB
-
MD5
bba9bc42e2c616f5fe42a83dc440b3ae
-
SHA1
29bd2e241961e4a3470776bececa728974b5f142
-
SHA256
b2c9088dc6b52cc189efc5c4898b5d0b17673542b962c2a5e5313aae22adff45
-
SHA512
e8be963396ab0baea74440b27f88d9d62586a7ac761639f6d71477a7d1d5264197003f7b2be8dc3cdc6100d656097f4ba92853b8f75e9a53b146ca82282de41d
-
SSDEEP
6144:F1161OH3pmoqSDcP56APtw8OZikb/WLbbcu8csOKDCokuFnQJNpT6XgW:FJASIP5NPtw8O1b/WLbbfijOokuFJXz
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Processes:
resource bba9bc42e2c616f5fe42a83dc440b3ae_JaffaCakes118 unpack001/out.upx
Files
-
bba9bc42e2c616f5fe42a83dc440b3ae_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 291KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 260KB - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ