Behavioral task
behavioral1
Sample
b36163957284c1a03b79e2a061131522_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
b36163957284c1a03b79e2a061131522_JaffaCakes118
-
Size
1.4MB
-
MD5
b36163957284c1a03b79e2a061131522
-
SHA1
c0054eeb2c82fe1158b6e590edce904c4386382c
-
SHA256
8a605b90f903162d2a42f08cf549222e5c910d2c238bb82b48cc99b4cc08a873
-
SHA512
d6294fe1677c0503c1d65d698cfd9d858e160f776dc958c244342574f1ee8f30a518cd100d5b0012187416e01039de7fcaf26d20fc7cd09f627d81b907f4323a
-
SSDEEP
24576:3CCO8rNlX0YObSmXf3xDMReKHaJp1uVlcqa5m/0OsA9iXt53rECS2qGf5W4CSbnN:3dOWzkxS8f3xDMwK+p1uDr/R2Xn3reAF
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b36163957284c1a03b79e2a061131522_JaffaCakes118
Files
-
b36163957284c1a03b79e2a061131522_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.3MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE