Static task
static1
Behavioral task
behavioral1
Sample
d8cddc980098b654c3ac1c3b259063b1d23dd602c880a343987b278e0149a0ff.exe
Resource
win7-20241010-en
General
-
Target
JaffaCakes118_1fd70a9f7528d1c0a77ecbf6de91062d878be3022103efb59159f487f0322643
-
Size
11.2MB
-
MD5
45d7a3762ef548a5c942fd2449340640
-
SHA1
e1ee95ebe3161d30050e6d2b6d1958773c3d21c3
-
SHA256
1fd70a9f7528d1c0a77ecbf6de91062d878be3022103efb59159f487f0322643
-
SHA512
44b8e2c3bb900faa4c0fc1a2f0d5d1d83d0398fc3986d324b95ad95fef5b1106424ae6ffbb11882948c882e7f3c105d3bd868a974d894884a7a96d1cfa3ce04c
-
SSDEEP
196608:0x+qYpUN2OXQ0z08+MSM6+dmlCtUCAqv+ZSdAzjBFrXB+msKfHo2l3:i+qN2EtzCn+dqlCAqabrRD3/D
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/d8cddc980098b654c3ac1c3b259063b1d23dd602c880a343987b278e0149a0ff
Files
-
JaffaCakes118_1fd70a9f7528d1c0a77ecbf6de91062d878be3022103efb59159f487f0322643.zip
Password: infected
-
d8cddc980098b654c3ac1c3b259063b1d23dd602c880a343987b278e0149a0ff.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 521KB - Virtual size: 520KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11.1MB - Virtual size: 11.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ