217406c42eee7058fa7de49d0224cefc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

217406c42eee7058fa7de49d0224cefc_JaffaCakes118
Size

2.6MB
MD5

217406c42eee7058fa7de49d0224cefc
SHA1

d895dcb34661590c5d9d9f0d64999a672ad6deee
SHA256

5518dea9d561047de9b895b2c920b4fa8e1ecff309bf90f1752d3f80ebc5b4d1
SHA512

d5224a8789dfe8044d9b26333b9c40ef4d32152bd0a5e3cba2b5d146986dc1097fe64b1eb45dadabd97af4370541b2498393a456b7159389b84d344866162fb5
SSDEEP

49152:AeYNgxxv6FyJgJQ4n0PHuDSFHMacvr+YLhl8rvKIuA:A6xxvV3RvkKpcvr+Ydl8mE

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
217406c42eee7058fa7de49d0224cefc_JaffaCakes118

Files

217406c42eee7058fa7de49d0224cefc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 105KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

꙰꙰��
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ly5kNj#2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ly5kNj#2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

--XAIBjt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

--XAIBjt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 105KB - Virtual size: 224KB

Size: 4KB - Virtual size: 12KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

꙰꙰�� Size: 4KB - Virtual size: 8KB

.themida Size: - Virtual size: 3.7MB

.boot Size: 2.1MB - Virtual size: 2.1MB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

ly5kNj#2 Size: 3KB - Virtual size: 3KB

ly5kNj#2 Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

--XAIBjt Size: 3KB - Virtual size: 3KB

--XAIBjt Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

.rsrc Size: 283KB - Virtual size: 283KB

.idata
Size: 512B - Virtual size: 8KB

꙰꙰��
Size: 4KB - Virtual size: 8KB

.themida
Size: - Virtual size: 3.7MB

.boot
Size: 2.1MB - Virtual size: 2.1MB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

ly5kNj#2
Size: 3KB - Virtual size: 3KB

ly5kNj#2
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

--XAIBjt
Size: 3KB - Virtual size: 3KB

--XAIBjt
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 283KB - Virtual size: 283KB