Static task
static1
Behavioral task
behavioral1
Sample
Bankslip.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Bankslip.exe
Resource
win10v2004-20240226-en
General
-
Target
0e32c4f71b960fb4540a3c09133adf54_JaffaCakes118
-
Size
352KB
-
MD5
0e32c4f71b960fb4540a3c09133adf54
-
SHA1
edc011bc3f31eea55583fa17a8d99676bc39ea02
-
SHA256
4afaf7828c6fd5370e554ae2ccea42b7bdab6d663812e54e9681150b2db80ecf
-
SHA512
e38c4cacfd1ffc4b7e025c4604ab04759b1e5963b2a8d2172456243b99bfe8ced08012e954b0259aac593b0bb582d503aa97ce02857ccc29e854eafcb6052537
-
SSDEEP
6144:FgM1sVu3YnB8QRAAeMeoKRWRsUj0YcY7bzg5OqxWmIRlmoYxiWUpZwTAIFU2Q4v8:Fr1EYY2WxAnUrjbzge73R2Tx62bVRDY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Bankslip.exe
Files
-
0e32c4f71b960fb4540a3c09133adf54_JaffaCakes118.zip
-
Bankslip.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 370KB - Virtual size: 369KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ