Behavioral task
behavioral1
Sample
c96f562af72a71b9ff1209c6bbe1a3ff_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
c96f562af72a71b9ff1209c6bbe1a3ff_JaffaCakes118
-
Size
2.4MB
-
MD5
c96f562af72a71b9ff1209c6bbe1a3ff
-
SHA1
0903f5902cb508f31e426333bb9217a517e1d83b
-
SHA256
16d5c00a0ba18efcbd09c921e2345696a892cd5ac235da43532c0f1d1ef65f40
-
SHA512
cb129e462a88184280052cfa7700a7d1a71744608e24062da4d3f90ea275f07950438718af15d29c6c125bd54fd5a4bde84ee2dec4825aa6a36effa381ada13c
-
SSDEEP
49152:Mw8VqkR1pkIYE4bNWNySZfjWJUOtICELYqcdU9+NLQACU:Mw8V7pzQbNsKJLICELYq6FNLQHU
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c96f562af72a71b9ff1209c6bbe1a3ff_JaffaCakes118
Files
-
c96f562af72a71b9ff1209c6bbe1a3ff_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 816KB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 844KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 800KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE