Behavioral task
behavioral1
Sample
ab1b40ac027ede3cc632976044c71db6_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
ab1b40ac027ede3cc632976044c71db6_JaffaCakes118
-
Size
1.6MB
-
MD5
ab1b40ac027ede3cc632976044c71db6
-
SHA1
e4fe5fa8125ce013949a23e366acfda18c868e53
-
SHA256
a6dee6eb67fd9d8f318ce5fc55b0b4ee3a5ce4e6302c371b6c73f0730af5e14a
-
SHA512
8b72ed789b9221bbf76abbee10ea2fc73b1d4f6b204906dec6c44dfbd7b124945976396c37e6a77f577e72ed848b5bf3a296a77e1380545eaa1d037de4c080d5
-
SSDEEP
49152:WUXeoS3w2w86VsqiNzfMRWnwcU8ioKWhKPi4wHhxki47:0oWw2w86VJEM8wXouP7a/47
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab1b40ac027ede3cc632976044c71db6_JaffaCakes118
Files
-
ab1b40ac027ede3cc632976044c71db6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 418KB - Virtual size: 972KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE