Behavioral task: behavioral1
Sample: a9d4058d41def19ab110acab4686e60f_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: a9d4058d41def19ab110acab4686e60f_JaffaCakes118
Size: 849KB
MD5: a9d4058d41def19ab110acab4686e60f
SHA1: a08b8a7b1f5c61faa8d3fa64c4036282a2fcad0a
SHA256: 93d4244601d49aac7ae5250987d3ff49fef5ede6be3302d32a5e761c3abafe2a
SHA512: 84945cb1a0e285feb1daab632c1fef011c2b0f85560c10405d313906a3861f0fe8cbab5ee45f7d20cf72036809ec0b016db15db2334bf18c8344c2340127c613
SSDEEP: 24576:9LOaB5ZSogV8cNwCn4jiiZM7USGjjtBY:9SEZ8V845CiiZ6USGjb
Malware Config
Signatures
resource yara_rule sample themida
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a9d4058d41def19ab110acab4686e60f_JaffaCakes118
Files
a9d4058d41def19ab110acab4686e60f_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 106KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 692KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE