Behavioral task
behavioral1
Sample
3e9d8888fc0efdd682aa556335475014_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3e9d8888fc0efdd682aa556335475014_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
3e9d8888fc0efdd682aa556335475014_JaffaCakes118
-
Size
1.8MB
-
MD5
3e9d8888fc0efdd682aa556335475014
-
SHA1
548722c9810d5c95d5e25a3895c1522c309da8d5
-
SHA256
b9420b3538fdbf3e21e6e3e8999530b11653b2c347262548ac852b97315a6cdd
-
SHA512
a4b26ac59fad69ae740b01f0c8c80af796bc8341e3ab764410209f6bf0f6c51e9b70373efc47989bb09325fe7adb963622ba428eac49be46fc307308f7c29a93
-
SSDEEP
49152:z3EFckuQBX7h5jjzppBAKrVyApM3dUQ9beNZmmhBynZFj:oeUX7b28Pe5briynZV
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3e9d8888fc0efdd682aa556335475014_JaffaCakes118
Files
-
3e9d8888fc0efdd682aa556335475014_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.7MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE