Behavioral task
behavioral1
Sample
0e6cbf51ec5c93d4f64c613d098c0270_JaffaCakes118.exe
Resource
win7-20240508-en
General
-
Target
0e6cbf51ec5c93d4f64c613d098c0270_JaffaCakes118
-
Size
823KB
-
MD5
0e6cbf51ec5c93d4f64c613d098c0270
-
SHA1
07de2f4c662809a6307280bc37cb62de16217c3b
-
SHA256
32f463003a4a3c0ed64ce3d05d1ccd50c68cf4d8d8ce93707781f18572cedce7
-
SHA512
9a51d7355dce976bdd5aa4e2f3b0fd09fb1659719d2062ef5a25d221a8c279e025dd9aa7b8721536e4e85fdd925a7a7899482eba3cb4595ebd5bcabfcc4181a9
-
SSDEEP
12288:m21Vo6nqr3HeSpskjanpd6WCGhNliEsQOz5aP9j4nAOe7duSM1xWDEjhiwjzD:m27o6qyIskGnfCsMEsTAR4EGuEjh1
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e6cbf51ec5c93d4f64c613d098c0270_JaffaCakes118
Files
-
0e6cbf51ec5c93d4f64c613d098c0270_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 106KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 675KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE