Behavioral task
behavioral1
Sample
4cddd6882b5a394b63fd761c10f214cb_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4cddd6882b5a394b63fd761c10f214cb_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
4cddd6882b5a394b63fd761c10f214cb_JaffaCakes118
-
Size
1.7MB
-
MD5
4cddd6882b5a394b63fd761c10f214cb
-
SHA1
ae276019a3841803e22ddfdb4b354a6886bb325a
-
SHA256
504151bf674b6dc4c705a7b36812a2afe288fb17d7712cb1e66b354a3b538f3b
-
SHA512
edc3b97920ec059497254df962782bdbafbd9dcbc275bd3a38b405822ebd997cb73e4737d26e0b6189df724037bf099b47bf3da19b855608687e2127591e969d
-
SSDEEP
49152:TnP9tNTFSPygaE52Dgu3A8GUe/jlvYP6mtJ:Tn1vTMygz5QelgPltJ
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4cddd6882b5a394b63fd761c10f214cb_JaffaCakes118
Files
-
4cddd6882b5a394b63fd761c10f214cb_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 368KB - Virtual size: 736KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.3MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE