Behavioral task
behavioral1
Sample
642a65f497bcf3a37b913c94d6afa17d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
642a65f497bcf3a37b913c94d6afa17d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
642a65f497bcf3a37b913c94d6afa17d_JaffaCakes118
-
Size
324KB
-
MD5
642a65f497bcf3a37b913c94d6afa17d
-
SHA1
fab1d2bb08aa79ef255dc56b82dbebd1bb6a776f
-
SHA256
1ec7e4690edec087bcd319be7f3bef486dd42367f42722b5fe6292b43e2f717c
-
SHA512
8ce86925e7289ad8d694f2ade97acd84146355505a0e6ac7a7a7cc2ec3da8cfa36264ee1856749851ef434c999087e93aaf5f5dba1e4bc2275e4bd1d33a458cc
-
SSDEEP
6144:K/7Vhex4LKeBEvbhe1mpL1O7zrPI0dy3OkAt+bs8XLKgs:u/exvd0mV1org0o+vwbL1s
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 642a65f497bcf3a37b913c94d6afa17d_JaffaCakes118
Files
-
642a65f497bcf3a37b913c94d6afa17d_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 35KB - Virtual size: 436KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 343KB - Virtual size: 836KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE