Behavioral task
behavioral1
Sample
34cde7c641d7fb2d63184f7ce57b8f3a_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
34cde7c641d7fb2d63184f7ce57b8f3a_JaffaCakes118
-
Size
4.7MB
-
MD5
34cde7c641d7fb2d63184f7ce57b8f3a
-
SHA1
b918236b5365fcb121de91723234f2b1a4994632
-
SHA256
15913012f1a7f8c625a33955b995ef05440bcf7f1994aff9e8b89fb6cf9905f7
-
SHA512
42ed4c5384bfc07e69254c0247cff5d7744d3d67b0d8e2b5f121c08e94d016cd67e6222227b4187e137e1408add313e8b81cd264a293b5bbe549e4f4b26c5fa7
-
SSDEEP
98304:+iGpIem0xSEPpd9pANYc/bgNdthMC87dsWML93P0/GS43w/UQ:+iwOIdvi/MNThFGN9743CUQ
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34cde7c641d7fb2d63184f7ce57b8f3a_JaffaCakes118
Files
-
34cde7c641d7fb2d63184f7ce57b8f3a_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.9MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE