ca9992b38a1cb0fa081a93bea3e655c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ca9992b38a1cb0fa081a93bea3e655c3_JaffaCakes118
Size

7.7MB
MD5

ca9992b38a1cb0fa081a93bea3e655c3
SHA1

70669c9aad52181012336409dfba56b0c9f8f9ec
SHA256

e0768c0a339d2e5ed3000856db77ead1dcbc370c7a8c89afe8cf724722951a19
SHA512

757a3773706b8fcb8472dbc53faac6028fbdbe6e18fecf3fed3ebf66474f81fbf6b686344a31300eaa902833765c63c467b44be0d1d1e78a206648b876ff8678
SSDEEP

98304:LYAnbIFk58obgLcjQG1iGUJS4nb3Bj7J3oW3JOix+YVz4sg:84sy5f8LcG7SmV9oW5pT89

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca9992b38a1cb0fa081a93bea3e655c3_JaffaCakes118

Files

ca9992b38a1cb0fa081a93bea3e655c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 4.5MB - Virtual size: 14.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.boot
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 4.5MB - Virtual size: 14.9MB

Size: 1KB - Virtual size: 2KB

Size: 512B - Virtual size: 12B

.idata Size: 1KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 8KB

.themida Size: - Virtual size: 5.3MB

.boot Size: 3.1MB - Virtual size: 3.1MB

.init Size: 512B - Virtual size: 512B

.data Size: 21KB - Virtual size: 21KB

.text Size: 42KB - Virtual size: 42KB

.reloc Size: 2KB - Virtual size: 8KB

.idata
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 8KB

.themida
Size: - Virtual size: 5.3MB

.boot
Size: 3.1MB - Virtual size: 3.1MB

.init
Size: 512B - Virtual size: 512B

.data
Size: 21KB - Virtual size: 21KB

.text
Size: 42KB - Virtual size: 42KB

.reloc
Size: 2KB - Virtual size: 8KB