Behavioral task
behavioral1
Sample
e9b25668467a8146710c6caee31a2f54_JaffaCakes118.exe
Resource
win7-20231129-en
General
-
Target
e9b25668467a8146710c6caee31a2f54_JaffaCakes118
-
Size
530KB
-
MD5
e9b25668467a8146710c6caee31a2f54
-
SHA1
27b949b442ca08669d43b7c5c0810c77e193d81c
-
SHA256
063191bdfa60b87b7c0b4d734017fbbc48d85bc8111793ef2e9190e3b68b6d08
-
SHA512
41363fdea082f1122a160cb8e8e06db6b3cc37c00437b37e01622c49724c57a0acd0c4183e27faf62157682d5934fd62b584d6eb9c56cf36c979055f761be8b4
-
SSDEEP
12288:snged37+lnKFaGXp0xCQHAHCyGOuCWtGFkxCMdn8J1A5qmAugtChb:s7+RKFaQpCCTHCyGrCtOxCInimUztCZ
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e9b25668467a8146710c6caee31a2f54_JaffaCakes118
Files
-
e9b25668467a8146710c6caee31a2f54_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 49KB - Virtual size: 684KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 477KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE