Behavioral task
behavioral1
Sample
e9639235e5e1a2abc99633a3d1fc895e_JaffaCakes118.exe
Resource
win7-20240215-en
General
-
Target
e9639235e5e1a2abc99633a3d1fc895e_JaffaCakes118
-
Size
841KB
-
MD5
e9639235e5e1a2abc99633a3d1fc895e
-
SHA1
4b9ec7a4e9c0c4fcf0b4bdc0dcfbd581c1647c20
-
SHA256
e2490e228d1f2ed431a520d0e29acb134d154a50c27b49a9b2ca1d9bc40361a6
-
SHA512
8312b99c7dd72d06637b16369d1acd465f239e49e2a6ab325ef32faec6420b63b5e83a257cda6361ca80839d27da4a0633a1b94d24775312a1a369a7c6a31b7f
-
SSDEEP
24576:h3IMFRGGP85QS7b1OSsuDz4mwYJG89f1q9uT:pR8GP85N/JwYLVM9Y
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e9639235e5e1a2abc99633a3d1fc895e_JaffaCakes118
Files
-
e9639235e5e1a2abc99633a3d1fc895e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 157KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 624KB - Virtual size: 628KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE