Behavioral task
behavioral1
Sample
643a1ab3ce33c8063738dda67870a669_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
643a1ab3ce33c8063738dda67870a669_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
643a1ab3ce33c8063738dda67870a669_JaffaCakes118
-
Size
1.2MB
-
MD5
643a1ab3ce33c8063738dda67870a669
-
SHA1
cf515fb33e639e5c7f518e5933c91f32bc64934f
-
SHA256
e08be5a7269a5ed86a4f23983c3a7f5c1bdc2fd6e5c62abc75e676a8639b26c6
-
SHA512
3f4192d07a094d10dccd927c3127e40154a0d54668dfd422a4e9c476eb15f0a93d808ec847088fc00b7646c5a569fe6088060d97daeeeb295cc7180489dee8df
-
SSDEEP
24576:2Jo+QZVwjOBxLi1Bn8EFSEBK1VTg0u1xsLUcaK2qTE:27A0LBnZSEBK1Zg0WsgcI
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 643a1ab3ce33c8063738dda67870a669_JaffaCakes118
Files
-
643a1ab3ce33c8063738dda67870a669_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.2MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE