Behavioral task behavioral1
Sample: 29b22dac1a7ef212b4e4cfb1c16f74a7_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task behavioral2
Sample: 29b22dac1a7ef212b4e4cfb1c16f74a7_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 29b22dac1a7ef212b4e4cfb1c16f74a7_JaffaCakes118
Size: 1.1MB
MD5: 29b22dac1a7ef212b4e4cfb1c16f74a7
SHA1: 02f50e8eb746c3b1e9b1117e456be7b012d3f775
SHA256: 89dcc3f21d5704707c7b27dbf28c9b41be6c3e38ba90c8dde30e9b588752d800
SHA512: 01a14afe301d13a6572e3c4bcd430b739613983a0715277ea659890c0ce49119f5702d0e835f1eea95e8f09d971c21f8fc82b115d92b4703b79c15cf6bb20809
SSDEEP: 24576:zrA2lsxRUa7AecKCzeU3P263tdbf9Z/Y41TnFIYEO9Ui0S/XIGfp:7KbUIREPBtdbfJTOA4Ap
Malware Config
Signatures
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29b22dac1a7ef212b4e4cfb1c16f74a7_JaffaCakes118
Files
29b22dac1a7ef212b4e4cfb1c16f74a7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 13KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE