01ad0a0ca2cb4572373f181032ce7b8a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

01ad0a0ca2cb4572373f181032ce7b8a_JaffaCakes118
Size

5.2MB
MD5

01ad0a0ca2cb4572373f181032ce7b8a
SHA1

0e7155a9d1304e1aee189da5ffa4ae5684f73ae9
SHA256

72b250edc01af98357adda00277be5d3430c498756720b5577eb1811d4f852fb
SHA512

e85f50b24e9328c09958e27e33e0ceaeb37c3efe6407133a60d048b06c761e121fee28c4aa9d1f2fff82aab84edd0f458c37a22ed53c96b7735286d5eba717d6
SSDEEP

98304:l42VAaJvquhkO3lkY8dHLvJ3mZzBcPpkHRe/OE7J3mzaTLn:qc9iO3l43AzSPp97DLn

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01ad0a0ca2cb4572373f181032ce7b8a_JaffaCakes118

Files

01ad0a0ca2cb4572373f181032ce7b8a_JaffaCakes118
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 477KB - Virtual size: 999KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 95KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 198KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 75B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 275B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 5KB - Virtual size: 64KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 64KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 477KB - Virtual size: 999KB

Size: 95KB - Virtual size: 249KB

Size: 198KB - Virtual size: 487KB

Size: 25KB - Virtual size: 43KB

Size: 75B - Virtual size: 148B

Size: 275B - Virtual size: 488B

Size: 2KB - Virtual size: 9KB

.imports Size: 1024B - Virtual size: 64KB

.tls Size: 5KB - Virtual size: 64KB

.rsrc Size: 512B - Virtual size: 64KB

.themida Size: - Virtual size: 6.1MB

.boot Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 16B - Virtual size: 64KB

.imports
Size: 1024B - Virtual size: 64KB

.tls
Size: 5KB - Virtual size: 64KB

.rsrc
Size: 512B - Virtual size: 64KB

.themida
Size: - Virtual size: 6.1MB

.boot
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 16B - Virtual size: 64KB