Static task
static1
Behavioral task
behavioral1
Sample
563dd94590408df258e1b8364870432b47eb85eac99ee57d252114a726c863f3.exe
Resource
win7-20241010-en
General
Target: JaffaCakes118_4a5c20288beee4a20187788f64d7086ba7d4a13edc7b48c6b0447ea2c3107a99
Size: 2.6MB
MD5: 7ab4d2ce325b1531caef94e9f9b565b3
SHA1: 79ec9190941c32eccda38bc0ce0d68763b55d041
SHA256: 4a5c20288beee4a20187788f64d7086ba7d4a13edc7b48c6b0447ea2c3107a99
SHA512: 34978117c866b555c9fb336142db856e5c46b8b75407828651e26f75f858577a6e684802af399866445fb394d3f701f0c14075340662ebef92b9a297397e295e
SSDEEP: 49152:uV+88b5GWFesEIfMK1T6JxAYJwHx1xLB/sK3pYV1+0U0Rm6a0miqlEEAEYW8tis7:uY88blF0SMK6xAqwRzN53pS0j0Pa0mi1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/563dd94590408df258e1b8364870432b47eb85eac99ee57d252114a726c863f3
Files
JaffaCakes118_4a5c20288beee4a20187788f64d7086ba7d4a13edc7b48c6b0447ea2c3107a99.zip
Password: infected
563dd94590408df258e1b8364870432b47eb85eac99ee57d252114a726c863f3.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 363KB - Virtual size: 363KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ