Behavioral task
behavioral1
Sample
17c4f1f376c73fd1ffdb6dd843626875_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
17c4f1f376c73fd1ffdb6dd843626875_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
17c4f1f376c73fd1ffdb6dd843626875_JaffaCakes118
-
Size
1.3MB
-
MD5
17c4f1f376c73fd1ffdb6dd843626875
-
SHA1
b718e7b79464b1cb8587a9f9b24d07f681775067
-
SHA256
4e8abae42375f157b94838bc782cee47ba1b891d5b26ceba6ae03a8450e55a3d
-
SHA512
b6952380d0f8a24e897ddd1a89835a3cfc1b9b766cb71ebb33621bd03eae80a272733b731bb923f20eeb4574f5269bdda1499829ca2d39b7397344ab2f92eef7
-
SSDEEP
24576:v+Hp8akosF9d8xLMF7R5TOfok9RPqWv3lF96Io0O/pqlI3BV/3DoSR:v+J1k78x43ofx3PqqVF8d1xVfP
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 17c4f1f376c73fd1ffdb6dd843626875_JaffaCakes118
Files
-
17c4f1f376c73fd1ffdb6dd843626875_JaffaCakes118.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 20KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 77KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.2MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE