231f14a94a846a640956e2b7215a4b03_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

231f14a94a846a640956e2b7215a4b03_JaffaCakes118
Size

2.6MB
MD5

231f14a94a846a640956e2b7215a4b03
SHA1

9b09b1133fda8082001e2796c6e4732618a2c2bc
SHA256

d989839e12ba86da11eda983587a52746a10465c97b0cadc2c797f6472e72a61
SHA512

81632e03e2fe485b061704ac9a812cd48e4d733ee06910f45047a37059f4c3b323ea446c8eb8b4a3ad96beecd2296ea0ece22d301485b5484e76cef252c561aa
SSDEEP

49152:meYNgxxv6FyJgJQ4n0PHuDSFHMacvr+YLhl8rvKIuA:m6xxvV3RvkKpcvr+Ydl8mE

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
231f14a94a846a640956e2b7215a4b03_JaffaCakes118

Files

231f14a94a846a640956e2b7215a4b03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 105KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

꙰꙰��
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ly5kNj#2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ly5kNj#2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

--XAIBjt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

--XAIBjt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 105KB - Virtual size: 224KB

Size: 4KB - Virtual size: 12KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

꙰꙰�� Size: 4KB - Virtual size: 8KB

.themida Size: - Virtual size: 3.7MB

.boot Size: 2.1MB - Virtual size: 2.1MB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

ly5kNj#2 Size: 3KB - Virtual size: 3KB

ly5kNj#2 Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

--XAIBjt Size: 3KB - Virtual size: 3KB

--XAIBjt Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

.rsrc Size: 283KB - Virtual size: 283KB

.idata
Size: 512B - Virtual size: 8KB

꙰꙰��
Size: 4KB - Virtual size: 8KB

.themida
Size: - Virtual size: 3.7MB

.boot
Size: 2.1MB - Virtual size: 2.1MB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

ly5kNj#2
Size: 3KB - Virtual size: 3KB

ly5kNj#2
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

--XAIBjt
Size: 3KB - Virtual size: 3KB

--XAIBjt
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 283KB - Virtual size: 283KB