Behavioral task
behavioral1
Sample
a937513a3388980684e1ed3796836f12_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a937513a3388980684e1ed3796836f12_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a937513a3388980684e1ed3796836f12_JaffaCakes118
-
Size
488KB
-
MD5
a937513a3388980684e1ed3796836f12
-
SHA1
7f536dce47fa073d94afe4d9a241f0a16e6d3265
-
SHA256
aadd75c1463e22c7a9fe92635652040090139207b4277a5d7e25761ac74d8919
-
SHA512
76b1f035a4dab3326cf878acc0a625bc6cfb7f5806013173ce3c6e5beaf997eea1b6a66373021e365f3c60e856e4a730d6490946649453ca1a407503ddce7638
-
SSDEEP
12288:xzCWwPxkMY0l9ET0BsroQbiSmgSMI4jZQIv:xzCWs+Aa4oo8iH+FQIv
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a937513a3388980684e1ed3796836f12_JaffaCakes118
Files
-
a937513a3388980684e1ed3796836f12_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 113KB - Virtual size: 884KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 368KB - Virtual size: 884KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE