Static task
static1
Behavioral task
behavioral1
Sample
sample.exe
Resource
win7-20240508-en
General
-
Target
70e3896b13db4db7b682f7beb9c00511_JaffaCakes118
-
Size
98KB
-
MD5
70e3896b13db4db7b682f7beb9c00511
-
SHA1
89f9590ade37b275b68f40d6ec6a85afb4026982
-
SHA256
1f6e992bb9f1e4ba2640df7f5f44036fd70696c9b3f3d7a18562bb28fbf3b0e2
-
SHA512
520be39eee46632f1e92c3d8f2cd8f360f0f6ec7956be7f31c6ff90f7687e28d825697fc60c8c1cdf038ec8ef0fc966939152d4ad70e0f5ac84c5c8985600a1d
-
SSDEEP
3072:ta14OKVT8jdyvjMcDm3oGGw8iAdO229D3L0/:ta11KeAjM6m4m8iAdO20LL0/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/sample
Files
-
70e3896b13db4db7b682f7beb9c00511_JaffaCakes118.bz2
-
sample.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ