Behavioral task
behavioral1
Sample
eef1b265e3aeaaeafabfe74bda31b5cf_JaffaCakes118.exe
Resource
win7-20240220-en
General
-
Target
eef1b265e3aeaaeafabfe74bda31b5cf_JaffaCakes118
-
Size
3.1MB
-
MD5
eef1b265e3aeaaeafabfe74bda31b5cf
-
SHA1
924a445a8fc23c29fe1b294272cb8c8e5ba9c7bb
-
SHA256
c5203826395626892dba5e237dafd85fa8370264c9d150ffeee86c261930e065
-
SHA512
66ce9210947a9901694d8b71ce2ff83e06d31c9af158b0fd507444918af59edd74604a0f81bc45aeb07e7a47c7b84c0a38c6db77da2cf4917036e4515869abc1
-
SSDEEP
49152:B6Ovl41Ww2/TxmN/UyuTGHlhXkUGPPeMdmyaDhg9EKkdTgpR56/+iX8k9BPUoh4b:IOvKnqxuVutPPePlOS/+KBrhK
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eef1b265e3aeaaeafabfe74bda31b5cf_JaffaCakes118
Files
-
eef1b265e3aeaaeafabfe74bda31b5cf_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 670B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 16B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.imports Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ