Static task
static1
Behavioral task
behavioral1
Sample
PO-B1120017228.exe
Resource
win7-20240221-en
General
Target
1bcefc01a210a73a4c627b093bd86383_JaffaCakes118
Size
226KB
MD5
1bcefc01a210a73a4c627b093bd86383
SHA1
502d92572caaf2e402c29fec2ca9db74fde53ab7
SHA256
1fc02ca1e56c70c0b8e0d3f459c5e154660e9bf3bb2be1ea86a56e09b4c6227f
SHA512
bcfa8ec98f039fbec72f312a2955688d3c2e65d4399874de85b94ff0330e7d873b2c30a262ecdfad9390b78334dd1f7a50ba98d1e40f001e28bbca17a35da0e9
SSDEEP
3072:0+sY5tZ013YsBKVcfz/dMglHHRBZQgFGU+pE7Ibz/oB+F9dJZaIm8RuU5aAGHsWa:DXDsBa2/KQZ4tIIbcS9oImFU5aAG2l
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/PO-B1120017228.exe
Files
1bcefc01a210a73a4c627b093bd86383_JaffaCakes118.rar
PO-B1120017228.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 244KB - Virtual size: 243KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ