Behavioral task
behavioral1
Sample
316b2d13fe6deb20e2d661e4da010e9b_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
316b2d13fe6deb20e2d661e4da010e9b_JaffaCakes118
-
Size
570KB
-
MD5
316b2d13fe6deb20e2d661e4da010e9b
-
SHA1
2ce05d30736b6a0e69500fe9a665576d9c24c1d2
-
SHA256
d3fcbe206ce3ba1e838d1896ba30c2f51e60658f983104b8ead302929449f9c6
-
SHA512
9e96f5393237ca4558b2b8d9127c130255edda568ec9a46a136489bbbfca320d821a62c9b32268bc00c90b4966eb1570ec0d9ba62fa62ea97645df4deb392457
-
SSDEEP
12288:KLlwhSg180xftTSzQbJK3P+V8RiR18tH2ugetdWw+8x:KLESgaUVuMFK3P+yUjo2dwB
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 316b2d13fe6deb20e2d661e4da010e9b_JaffaCakes118
Files
-
316b2d13fe6deb20e2d661e4da010e9b_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 538KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE