Static task: static1
Behavioral task: behavioral1 (Sample: fc3dycxt.exe, Resource: win7-20240708-en)
Behavioral task: behavioral2 (Sample: fc3dycxt.exe, Resource: win10v2004-20240802-en)
Behavioral task: behavioral3 (Sample: 新云软件.url, Resource: win7-20240708-en)
Behavioral task: behavioral4 (Sample: 新云软件.url, Resource: win10v2004-20240802-en)
General
Target: b5818dc77f3f053982f4bb1ebbafc253_JaffaCakes118
Size: 1.3MB
MD5: b5818dc77f3f053982f4bb1ebbafc253
SHA1: 6a7f77cfbefd38dfb8b7e2f3a39b92f07f4c988e
SHA256: ba574b7451c935c3c118387c7453a43a63b8c0e57782bb6327d0cdb6919fbee0
SHA512: 3390ca6ee0f5c669a48740ca38b81533423c41321d8b037cc6cee7893fb1c09424db3e011da77a737b0d7f166789ae4f22737b69528871a9fc0961ec6b1a1eb4
SSDEEP: 24576:xUY1ycvaMF4n/jb3TSYR+3kxUsfZ/9IumMBa1OSL5UKsib/ys0k:WYD96/+3kfZVmea5UKf10k
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/fc3dycxt.exe
Files
b5818dc77f3f053982f4bb1ebbafc253_JaffaCakes118.rar
fc3dycxt.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
XBAFFJB5 Size: - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MypvKlib Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
k5G9GCwn Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GnMVmLHj Size: 841B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nJmTdzJV Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url.url