c55e4081d3e962fb056acb6528aa7014_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c55e4081d3e962fb056acb6528aa7014_JaffaCakes118
Size

2.4MB
MD5

c55e4081d3e962fb056acb6528aa7014
SHA1

f0ca269cfc8b8711edcb613bf9d195126824dabe
SHA256

5f8e522b6d63f87c422b6891af965e3e80e2092ec338e3805cd420a4edaf2ac6
SHA512

9a11a9bff907695800fd711fc9c21bfdb1936fc0554fd9a9acff2ce0d82294e30b6a899294e74ffb2162b3559bf02c88013811b6e51492e0c0747a7cd1580870
SSDEEP

49152:aj+TvpG1uS3FJz0hRs5TTqPVKbOZxIuj4UiAYpIz3fbeGw:aaAuyJxqUbSyuZqpg3fb5

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c55e4081d3e962fb056acb6528aa7014_JaffaCakes118

Files

c55e4081d3e962fb056acb6528aa7014_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 104KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

O v7꙰.
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O v7꙰.
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O v7꙰.
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O v7꙰.
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O v7꙰.
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O v7꙰.
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 104KB - Virtual size: 216KB

Size: 4KB - Virtual size: 12KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

O v7꙰. Size: 4KB - Virtual size: 8KB

.themida Size: - Virtual size: 3.9MB

.boot Size: 2.2MB - Virtual size: 2.2MB

O v7꙰. Size: 3KB - Virtual size: 3KB

O v7꙰. Size: 3KB - Virtual size: 3KB

O v7꙰. Size: 3KB - Virtual size: 3KB

O v7꙰. Size: 3KB - Virtual size: 3KB

O v7꙰. Size: 3KB - Virtual size: 3KB

.rsrc Size: 61KB - Virtual size: 60KB

.idata
Size: 512B - Virtual size: 8KB

O v7꙰.
Size: 4KB - Virtual size: 8KB

.themida
Size: - Virtual size: 3.9MB

.boot
Size: 2.2MB - Virtual size: 2.2MB

O v7꙰.
Size: 3KB - Virtual size: 3KB

O v7꙰.
Size: 3KB - Virtual size: 3KB

O v7꙰.
Size: 3KB - Virtual size: 3KB

O v7꙰.
Size: 3KB - Virtual size: 3KB

O v7꙰.
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 61KB - Virtual size: 60KB