Behavioral task
behavioral1
Sample
fd3915fc90cf69959410f91d0789d85a_JaffaCakes118.exe
Resource
win7-20240215-en
General
-
Target
fd3915fc90cf69959410f91d0789d85a_JaffaCakes118
-
Size
1.3MB
-
MD5
fd3915fc90cf69959410f91d0789d85a
-
SHA1
55d68ae66475c73ebd031636cba49252a8d22b14
-
SHA256
7fcd978f9f438aac407ad1bf72dc324cd7b6f7bab2352bab33a458adc335d994
-
SHA512
ad543a73f660a3c7c17cb3933ab2e99f33f6ea6927041534c5507a0543bda86e9ae95da85afd792c4fdee00041eae7cf6dfaee1933a81e0e2201e0f697278d20
-
SSDEEP
24576:JAr9J2mAbWkB2DXjImBySF9pmdy3h4JgnY3zCAYnkSciFTqj67FG:6ZJhWIXjHB9pQanmtgF2jmQ
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd3915fc90cf69959410f91d0789d85a_JaffaCakes118
Files
-
fd3915fc90cf69959410f91d0789d85a_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.2MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE