220aec2673cf70ce082f7dbd4ee9e60d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

220aec2673cf70ce082f7dbd4ee9e60d_JaffaCakes118
Size

7.6MB
MD5

220aec2673cf70ce082f7dbd4ee9e60d
SHA1

e11940c096eb093da02a5c8a14653c0e89fbbadc
SHA256

e91cb71d5621da15e4935aaafe1b24253889c919db4d27dce637297ae2120ec7
SHA512

0ca671177055d0a8b1fef0a24c916f03322a4b70fa3ae4414ca7e5e229d3fafe94b2e418af31f91d08dc5522e39ff58edf9a361a5c7991ebca22fd01b18ab7c6
SSDEEP

98304:ogJL1ulAl40/eIdRbU3bF8LDhVv6zvh2kiGOrzYCl9uiUmnlDy:sAl40Zwr6LVx6zvIGuYK9ui9nlDy

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
220aec2673cf70ce082f7dbd4ee9e60d_JaffaCakes118

Files

220aec2673cf70ce082f7dbd4ee9e60d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 4.5MB - Virtual size: 14.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.boot
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 4.5MB - Virtual size: 14.9MB

Size: 1KB - Virtual size: 2KB

Size: 512B - Virtual size: 12B

.idata Size: 1KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 8KB

.themida Size: - Virtual size: 5.3MB

.boot Size: 3.0MB - Virtual size: 3.0MB

.init Size: 512B - Virtual size: 512B

.data Size: 21KB - Virtual size: 21KB

.text Size: 42KB - Virtual size: 42KB

.reloc Size: 2KB - Virtual size: 8KB

.idata
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 8KB

.themida
Size: - Virtual size: 5.3MB

.boot
Size: 3.0MB - Virtual size: 3.0MB

.init
Size: 512B - Virtual size: 512B

.data
Size: 21KB - Virtual size: 21KB

.text
Size: 42KB - Virtual size: 42KB

.reloc
Size: 2KB - Virtual size: 8KB