Behavioral task
behavioral1
Sample
033fcde64436879351681e075b8cb892_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
033fcde64436879351681e075b8cb892_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
033fcde64436879351681e075b8cb892_JaffaCakes118
-
Size
480KB
-
MD5
033fcde64436879351681e075b8cb892
-
SHA1
05344d0eb093769332b628caf71a4df7bc28de37
-
SHA256
387d8343b9db427f3eb9bc4a4a64a0189a5943bee1d751a261b32cb19a2b68f2
-
SHA512
5ce2e75150198a1ec8c3dafa758d05b81542cfefec5b054f32aa8fac3ebde7e16475d0ab7d6cce12f8165480126979861bc7c160df15eb226c7e833c34beae37
-
SSDEEP
12288:gaS90fnRCivIFaq8dNivqYLhqDj7QbPpjMkt5Fl:xfRPSXQNmIDj0Vjzl
Malware Config
Signatures
-
Processes:
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 033fcde64436879351681e075b8cb892_JaffaCakes118
Files
-
033fcde64436879351681e075b8cb892_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 24KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 448KB - Virtual size: 448KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE