983654c42c7dbcfe606794d50dd06ace_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

983654c42c7dbcfe606794d50dd06ace_JaffaCakes118
Size

2.1MB
MD5

983654c42c7dbcfe606794d50dd06ace
SHA1

da0da07d82a7faee3d2d5b045b0eeb9b7d7aa855
SHA256

49255a7e201aebbd0dfd7e9384ada9d184f2fcdacbb054a897be53833b8a2f47
SHA512

b397ba21a2bbb927aebcff171e8445a6a1002d401860d6817ea11bd6e4521742293607799ba6a7394d974542eeb43769e969fc64b1ec7b84600ac48d7e504e97
SSDEEP

49152:TDqlM5ZAZMgcXJysAifSk+x9vIXgPFjMaZQILxNmD/bHjL5RSMkljS:TPgcZXqt7H6GaDvEjS

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

Processes:

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
983654c42c7dbcfe606794d50dd06ace_JaffaCakes118

Files

983654c42c7dbcfe606794d50dd06ace_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 61KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 798B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 359KB - Virtual size: 542KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 359KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 397KB - Virtual size: 837KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.loadcon
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.boot
Size: 838KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 61KB - Virtual size: 139KB

Size: 10KB - Virtual size: 28KB

Size: 798B - Virtual size: 16KB

Size: 359KB - Virtual size: 542KB

Size: 359KB - Virtual size: 545KB

Size: 5KB - Virtual size: 8KB

Size: 397KB - Virtual size: 837KB

.imports Size: 512B - Virtual size: 4KB

.rsrc Size: 106KB - Virtual size: 106KB

.themida Size: - Virtual size: 2.1MB

.loadcon Size: 512B - Virtual size: 4KB

.boot Size: 838KB - Virtual size: 838KB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 512B - Virtual size: 4KB

.rsrc
Size: 106KB - Virtual size: 106KB

.themida
Size: - Virtual size: 2.1MB

.loadcon
Size: 512B - Virtual size: 4KB

.boot
Size: 838KB - Virtual size: 838KB

.reloc
Size: 16B - Virtual size: 4KB