Behavioral task
behavioral1
Sample
33cfc71ffbd9926da5b2fa20a6331197_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
33cfc71ffbd9926da5b2fa20a6331197_JaffaCakes118
-
Size
1.0MB
-
MD5
33cfc71ffbd9926da5b2fa20a6331197
-
SHA1
fbbea1155d1226521ff1f40d091f9a866523acd4
-
SHA256
f6fcc6845e29480a276c4f1231f11428968fc80351aa08200360dc5ee97e49ba
-
SHA512
0a32660605c2bd392a4c496cc1d9bc54dcfabfb3436391dd9d4fd8f0d1eb0146ecc6693a8b933943482accd47e3a2f8e3bf19319982ed87145d659a592d68394
-
SSDEEP
24576:FR8DWj4XCw0wzdHBvxsiQUsj4qoigsWMvFBDt4hsqL2sN9ZYszU7:FR81LzdHBvgPWMvFBWhs3sD+szU7
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 33cfc71ffbd9926da5b2fa20a6331197_JaffaCakes118
Files
-
33cfc71ffbd9926da5b2fa20a6331197_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 240KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 704KB - Virtual size: 708KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE