Behavioral task
behavioral1
Sample
36cbea54af5bb4d9d572e82ce3be081e_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
36cbea54af5bb4d9d572e82ce3be081e_JaffaCakes118
-
Size
667KB
-
MD5
36cbea54af5bb4d9d572e82ce3be081e
-
SHA1
36c916f9701289dbbaf900cb922a6b470b0e8853
-
SHA256
c1e94bff63a5e167f773a98c486a9246aa4034b8cf24a71d8eb68082d807bc02
-
SHA512
6ac75b8164264eead501e3411a0dd9c165b245667f42c524d965978a55c60e861efdd4a0e1f3d7860fd138861677fbf9ef9067f0fece7946bcb472ad586c249c
-
SSDEEP
12288:o9WtNlRAwYj/BNYCMT9mJKffGMRa7yzYCwSa3JUEhvyDtuc4uHBsL5G:o9s5AwYjZNYCkFfOMjr4UEcpS5G
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36cbea54af5bb4d9d572e82ce3be081e_JaffaCakes118
Files
-
36cbea54af5bb4d9d572e82ce3be081e_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 607KB - Virtual size: 612KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE