Static task
static1
Behavioral task
behavioral1
Sample
proforma invoice.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
proforma invoice.exe
Resource
win10v2004-20240419-en
General
-
Target
0768683a55d17770632299a9b25e7b04_JaffaCakes118
-
Size
505KB
-
MD5
0768683a55d17770632299a9b25e7b04
-
SHA1
574f2dc446a834a254292837cfb18192796264f8
-
SHA256
25fe24fc98f5d8bb89c0dba2a703123f848eeb7bc35c48bc557ca78122838b60
-
SHA512
aa6cf05e9f2341f55d888f6f413d846bb528a5327526a6ecd880a6856776b5b2a7c1589e433e3f339a5dcd227a35d5d1e046ef5f65a7d99708fabeaa6e70474f
-
SSDEEP
12288:sVbeDJ1bi6VtSbtfZ2wD3ikg95NNoUnhLRd9cGh7OrxaU:/nbi6efZP3CFndJZh7Oj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/proforma invoice.exe
Files
-
0768683a55d17770632299a9b25e7b04_JaffaCakes118.rar
-
proforma invoice.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 545KB - Virtual size: 544KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ