Behavioral task
behavioral1
Sample
e9aeccb2d0b469a5f7fcd429291261fc_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
e9aeccb2d0b469a5f7fcd429291261fc_JaffaCakes118
-
Size
1.0MB
-
MD5
e9aeccb2d0b469a5f7fcd429291261fc
-
SHA1
e89c24f47c5f5fdea9cb9de2cf157c5572008f17
-
SHA256
e60dcf2bff28dbaaf4b0d2102d89c2c7bbc8c5703a4fe4fe718846b44f407c64
-
SHA512
ba42be08c9a5dbcffef2d0cbfd346797bc7d7059575758492d0f8b9affa8e0decfef30fd9f5bc0d686fbdcae03cf962fad4310304255f33c5a955f62fa42b618
-
SSDEEP
24576:fQKtu1W4hQGbKlL+M8+jU4jGCpxEYrsIGndT/0ACx2mPlCZLBx9e:fQN1WDGbKQTOU4RrrXGdrdmcZlP
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e9aeccb2d0b469a5f7fcd429291261fc_JaffaCakes118
Files
-
e9aeccb2d0b469a5f7fcd429291261fc_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 416KB - Virtual size: 924KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 598KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE