Static task
static1
Behavioral task
behavioral1
Sample
Request_for_quotation_8378473847843.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Request_for_quotation_8378473847843.exe
Resource
win10v2004-20240412-en
General
-
Target
f9683997b1733f292b8b22f8a94a315d_JaffaCakes118
-
Size
878KB
-
MD5
f9683997b1733f292b8b22f8a94a315d
-
SHA1
349b1fed7a0cee9f93119fe3f30a73b18589c163
-
SHA256
df88cb3a8f518f0589f2cd9cc1ed652cad16156932d08bf18a226177654e3cda
-
SHA512
6b75f125065772ed2867181a60c05d0b1e3ef5eaed9f7f86f42d995f8c35d66b1ebcacf1939d14c3566630741d3db64a7767ab0db31e6b42e51ed2760d6d5aaf
-
SSDEEP
24576:yNT+SqPYaAb7Gub1+xB/f79wVpoF7O3GGexKP:C6nMZb1+/iVUo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/Request_for_quotation_8378473847843.exe
Files
-
f9683997b1733f292b8b22f8a94a315d_JaffaCakes118.eml
-
RFQ.zip.zip
-
Request_for_quotation_8378473847843.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 958KB - Virtual size: 958KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 290KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
email-plain-1.txt