dfae2703d5f5b9db5e5bdf5be074594d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dfae2703d5f5b9db5e5bdf5be074594d_JaffaCakes118
Size

2.6MB
MD5

dfae2703d5f5b9db5e5bdf5be074594d
SHA1

cb2034cde167d87e36cdc43ff8d3484e8dcd346f
SHA256

d09b8cc8ae3936107a688d78fac422f7dbdcae8adf85da268c11eab6d9c0f41c
SHA512

58d39bbb917336bf9b398695d3048943c24d6fd01e2ea6dfabd8630ba244ec66055f66a86a3b24ed11b380ab561c9ba0d7a8829b7dfe58340e12af23218a5c8d
SSDEEP

49152:AeYNgxxv6FyJgJQ4n0PHuDSFHMacvr+YLhl8rvKIuAm:A6xxvV3RvkKpcvr+Ydl8mEm

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfae2703d5f5b9db5e5bdf5be074594d_JaffaCakes118

Files

dfae2703d5f5b9db5e5bdf5be074594d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 105KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

꙰꙰��
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ly5kNj#2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ly5kNj#2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

--XAIBjt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

--XAIBjt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!@k@mlgr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

꙰꙰��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 105KB - Virtual size: 224KB

Size: 4KB - Virtual size: 12KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

꙰꙰�� Size: 4KB - Virtual size: 8KB

.themida Size: - Virtual size: 3.7MB

.boot Size: 2.1MB - Virtual size: 2.1MB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

ly5kNj#2 Size: 3KB - Virtual size: 3KB

ly5kNj#2 Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

--XAIBjt Size: 3KB - Virtual size: 3KB

--XAIBjt Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

!@k@mlgr Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

꙰꙰�� Size: 3KB - Virtual size: 3KB

.rsrc Size: 283KB - Virtual size: 283KB

.idata
Size: 512B - Virtual size: 8KB

꙰꙰��
Size: 4KB - Virtual size: 8KB

.themida
Size: - Virtual size: 3.7MB

.boot
Size: 2.1MB - Virtual size: 2.1MB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

ly5kNj#2
Size: 3KB - Virtual size: 3KB

ly5kNj#2
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

--XAIBjt
Size: 3KB - Virtual size: 3KB

--XAIBjt
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

!@k@mlgr
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

꙰꙰��
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 283KB - Virtual size: 283KB