Static task
static1
Behavioral task
behavioral1
Sample
HSBC 10391410192021.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
HSBC 10391410192021.exe
Resource
win10v2004-20240412-en
General
-
Target
f8f165a76b243c15b0dc99aea9edb199_JaffaCakes118
-
Size
368KB
-
MD5
f8f165a76b243c15b0dc99aea9edb199
-
SHA1
81a1580459731b6ecc3f5083a3a312a970224cfe
-
SHA256
0b84b369722f9a00da95d70e7e737f459843d053773148533229260b94f397b2
-
SHA512
ed9851aceba0bb8ae59d41c135aacbc07df2760d9242c7b064b1cc058d46c8630cdacff6cf0cac6897805dde1a7e340331bf314eb6e6457898555d35d19200ea
-
SSDEEP
6144:Da4Zf1IF6dagIfvGC/39AoE7el5XTDXkqelmI/vss2Ju2kOSHxfNf7x27s72TGsQ:vrVdaPZTL9M2kQ4x7E7QMGT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/HSBC 10391410192021.exe
Files
-
f8f165a76b243c15b0dc99aea9edb199_JaffaCakes118.rar
-
HSBC 10391410192021.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 399KB - Virtual size: 399KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ