Behavioral task
behavioral1
Sample
b45abd10527f7deec0232b09e5913aad_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
b45abd10527f7deec0232b09e5913aad_JaffaCakes118
-
Size
536KB
-
MD5
b45abd10527f7deec0232b09e5913aad
-
SHA1
6ccab6f39818e5436a01eff07165d052efbd5ebb
-
SHA256
da2135d7963c379d58e1f5a60e4b18d9477c4fbb8d7ecf6dd2d53c33f0956287
-
SHA512
e4ce4b482293495775ecbd8af5a6a00b5cffe4853a52f065159d643f2cee407c672d57b97689a07180f74e55a2ca2557bfd48791a5084839a44c74ff7096b7f0
-
SSDEEP
12288:6EsCli7vM+e4R0us3xCeRztocbcpa8i1GTy+dMpp4i6OgHP:+C07vFe4RbAC9cbNGTy+d6V
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b45abd10527f7deec0232b09e5913aad_JaffaCakes118
Files
-
b45abd10527f7deec0232b09e5913aad_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 92KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 436KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE