Static task
static1
Behavioral task
behavioral1
Sample
3dccb81826e0a102df3972e8ef1e8c534b1b3afed98f5fbebd45beab9bfbaa44.exe
Resource
win7-20240903-en
General
-
Target
JaffaCakes118_88175c121428ca4a37fe15c06f7c452bdefb69341779396c1fffbc4899ab43fd
-
Size
677KB
-
MD5
900117994da96db76268dcd9d2953877
-
SHA1
0b168fd31bfa73e8a1ce90333b7ceeea58a1a765
-
SHA256
88175c121428ca4a37fe15c06f7c452bdefb69341779396c1fffbc4899ab43fd
-
SHA512
90c18b5552bf2f9efc8b03b4651627c4efcc5259d1b06a989b019f92e7f42d513ea320446ae9e5978102d60bc45f1c95bf6afc2c0b98b2964a70682e6eda0bba
-
SSDEEP
12288:/Qnpaka95UqDnIV/2VFs57KgHmCHFUR+TXHhVj2EguP0929bVFtAbiqA4D9PfJoh:/209OeXVF/2lHw+T3P2BuPX7FCiqVXyl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/3dccb81826e0a102df3972e8ef1e8c534b1b3afed98f5fbebd45beab9bfbaa44
Files
-
JaffaCakes118_88175c121428ca4a37fe15c06f7c452bdefb69341779396c1fffbc4899ab43fd.zip
Password: infected
-
3dccb81826e0a102df3972e8ef1e8c534b1b3afed98f5fbebd45beab9bfbaa44.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 893KB - Virtual size: 892KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ