Behavioral task
behavioral1
Sample
b0bb4139398094ef9d93af0a2bac3f85_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b0bb4139398094ef9d93af0a2bac3f85_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b0bb4139398094ef9d93af0a2bac3f85_JaffaCakes118
-
Size
502KB
-
MD5
b0bb4139398094ef9d93af0a2bac3f85
-
SHA1
5a3c75c31029c25867d0475f1d0877aef053baad
-
SHA256
4afe096ebad392bbe9d269cbaabdc6bfa1d288f8c5122aeb1cabc33b84bec134
-
SHA512
8002b15dd5858252d52c38a8ca08b4e370b472f7a2d8526777911aa8b01c502bad4425734508db3494b80281efc187d72c089f00bd8d5adefec81697be91b1ae
-
SSDEEP
12288:nXEOwoCdNnHLMDsk8NhyY9tYrUPa7EVmus/Ivt:XjmtLLkdiM3us
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b0bb4139398094ef9d93af0a2bac3f85_JaffaCakes118
Files
-
b0bb4139398094ef9d93af0a2bac3f85_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 112KB - Virtual size: 876KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 378KB - Virtual size: 904KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE