Behavioral task
behavioral1
Sample
0fe935b4aed0d4b2d98a97f229626fe1_JaffaCakes118.exe
Resource
win7-20240220-en
General
-
Target
0fe935b4aed0d4b2d98a97f229626fe1_JaffaCakes118
-
Size
800KB
-
MD5
0fe935b4aed0d4b2d98a97f229626fe1
-
SHA1
a155604a614760715f94f0597a625662ca053047
-
SHA256
ba394969597d64716a0c554d7850e0b06afdf1ca097dd853d726fb6c03963a57
-
SHA512
04c10ce229fc65e1500fc7ccb518b7372f83eb005f3ef9b11989fcee2a5513702e5b0e70438075d5c1e48d7993a70600e9def4037bee8a8363319de53ff4759c
-
SSDEEP
24576:j2RLLWLCYgPRSHXdLKyBQtss31Dv9NuIwo2T:K8+YgqdLG3VlNn2
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0fe935b4aed0d4b2d98a97f229626fe1_JaffaCakes118
Files
-
0fe935b4aed0d4b2d98a97f229626fe1_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 64KB - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 724KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE