Behavioral task
behavioral1
Sample
89ea035eb701e1bb80063716b3fb22a8_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
89ea035eb701e1bb80063716b3fb22a8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
89ea035eb701e1bb80063716b3fb22a8_JaffaCakes118
-
Size
1.2MB
-
MD5
89ea035eb701e1bb80063716b3fb22a8
-
SHA1
0fd05070bb5fcd1c14e8f2630fdd43cf0808f8c2
-
SHA256
8c1cabc71f5ef414deddefbf1491d621e35b50c632495e818b01263f1ebf55e6
-
SHA512
25f605e5c51f11a1a6c4e9183e48e9cee07ea45718e7deb9b1045490472ce6a0d71e9a63b660fe83f14c68ee4f5b1b070a8cbea0e61e38deb46da61f8ca2d860
-
SSDEEP
24576:uQ3XDHA3V6jKPG/ChA5Uolecc2LH7vgAUEbVnbpu+QduNvaQSXeWrF:uVD+nzd7UEbF6MrSX/B
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 89ea035eb701e1bb80063716b3fb22a8_JaffaCakes118
Files
-
89ea035eb701e1bb80063716b3fb22a8_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE