Static task
static1
Behavioral task
behavioral1
Sample
Doc20189700.exe
Resource
win7-20231129-en
General
-
Target
2dad18ca8463273f701f13847bce7790_JaffaCakes118
-
Size
491KB
-
MD5
2dad18ca8463273f701f13847bce7790
-
SHA1
646e94569498d50ceaeb82dc209a147cd72d0a2b
-
SHA256
6ae73a16633fc02a2710ef06d166cfae655774a73d7509afff0b0b81d0ed75b8
-
SHA512
d4bb8ee6fb20e0d196e8dddb847ef723c7ce6fffe5587b4347be11c8ec5223809dda9ef1e996afc40a8547b739ee376105d70ec777999bed1fa023626c031fe8
-
SSDEEP
12288:PYFqSpKaxDx3IcS94WsjAkBHZWNcuTQC1YlXdE0heWQn:gFqypxGnmjdZjEYlt/e/n
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Doc20189700.exe
Files
-
2dad18ca8463273f701f13847bce7790_JaffaCakes118.zip
-
Doc20189700.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
d.dWF?p" Size: 357KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 183KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ