Behavioral task
behavioral1
Sample
65580f7f95a83027c5da35d097d42995_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
65580f7f95a83027c5da35d097d42995_JaffaCakes118
-
Size
785KB
-
MD5
65580f7f95a83027c5da35d097d42995
-
SHA1
fd2b6c0fad90d3775c55fbdde1d3abb59896b365
-
SHA256
9de7beb244f14484eb2be14de45ff12bf32bb7612a9a6955e36a25ee12249e0d
-
SHA512
d8138011828b203a05b5e046332c3be2a9fab829a83619136978150fc48807a694b911e5295a28c05fea00395e8276c9d1fd76846b919e736494178136d6a921
-
SSDEEP
24576:1YzOulRB21y2UV84bxKgieb+3R4CJk2uA6V:OzOulKct0zegJJk2uL
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 65580f7f95a83027c5da35d097d42995_JaffaCakes118
Files
-
65580f7f95a83027c5da35d097d42995_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 1KB - Virtual size: 720KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.shoooo Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE