Static task
static1
Behavioral task
behavioral1
Sample
eInvoicing_pdf.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
eInvoicing_pdf.exe
Resource
win10v2004-20240802-en
General
-
Target
97892fa31690fc6659dc38b7f2b74152_JaffaCakes118
-
Size
287KB
-
MD5
97892fa31690fc6659dc38b7f2b74152
-
SHA1
b2f33906a78042fe9c2600c9228eee7676f1729b
-
SHA256
30209ce91bc619e558cbd7da4c5efe49cb4a7b7e16b9f635a7bff60be922ac53
-
SHA512
022f804f504fe49afcb0c30e1b0ca5ed1a6fa3b39ccf08e437fd54c62dd67f1c11c88d4740ed2740ac1772f8639c19afbfb0aaf19713c0dfd100b877b0748347
-
SSDEEP
6144:IFfYIX96nq/g5Wo8QKVqotIkQcbZD+Ml0/j0ZeparK:IVVX96q/Po8JAoKkQcFD+Mluj0iOK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/eInvoicing_pdf.exe
Files
-
97892fa31690fc6659dc38b7f2b74152_JaffaCakes118.gz
-
eInvoicing_pdf.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 305KB - Virtual size: 305KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 364KB - Virtual size: 364KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ