Behavioral task
behavioral1
Sample
3ec7d0f5155b9db4d90c358b55f4e273_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
3ec7d0f5155b9db4d90c358b55f4e273_JaffaCakes118
-
Size
2.1MB
-
MD5
3ec7d0f5155b9db4d90c358b55f4e273
-
SHA1
dfc34da1dae856d262acc4bfd0b64ce26dd72d26
-
SHA256
59e96f13ab521d2f3ecd3114ded7fa97fe76369cf27bb00bc4e762f742ae07fe
-
SHA512
7b910272aef31735469bfc3bb19468630a47987b5ca373e5a274d60e169aadca99a6a866c0d243bdd11dfb9a1462889ec306e02dd29214320d0b62367ba2b199
-
SSDEEP
49152:OzU/CEzFy0zxWvknYFpLdiAzAmfvynW6pAqBqAjDRbP:B/vFAvkwSAzA2gWQAqBqAjDRbP
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ec7d0f5155b9db4d90c358b55f4e273_JaffaCakes118
Files
-
3ec7d0f5155b9db4d90c358b55f4e273_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 728KB - Virtual size: 728KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mm520 Size: 22B - Virtual size: 22B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE