Behavioral task
behavioral1
Sample
a91d0b54e36016c68070e2dbb92155c3_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
a91d0b54e36016c68070e2dbb92155c3_JaffaCakes118
-
Size
723KB
-
MD5
a91d0b54e36016c68070e2dbb92155c3
-
SHA1
7a6b44bbb663bffabc5460477594aad1a72266ab
-
SHA256
27ce5dcf5f3ba24d49c51d8a9f3d0d8aa66946cf83911aaf1775e79e34a734cd
-
SHA512
d9e95c693ed7537c0dca3d8096f396616c630308b70788da6b05f089f7eea1835c5ae83ea76fe67ac4cd0935f94e8830b5a60a6265166c4c56e4697737eddcf9
-
SSDEEP
12288:O1S4LALg6j9ZaQmTopcqM5A5uBSEioA2j+jWmtaiCmFS2i3Z/ebx4nw/eH3:OfLALg6jLNpKBZSjLUiCQS1Z/QxY3
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a91d0b54e36016c68070e2dbb92155c3_JaffaCakes118
Files
-
a91d0b54e36016c68070e2dbb92155c3_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 112KB - Virtual size: 436KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 606KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE