Behavioral task
behavioral1
Sample
d04334bd81299104bc9ad468f6e484c6_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d04334bd81299104bc9ad468f6e484c6_JaffaCakes118
-
Size
1.3MB
-
MD5
d04334bd81299104bc9ad468f6e484c6
-
SHA1
40325019e53094c805abe193e64e8f633104bfa7
-
SHA256
4cb0eeeee463d0579ace916d87d54260488e7a2ac0e6c94f8fceb3395d0b912f
-
SHA512
8f1b38711f9b1cd59376584ec3bcbeda94887e723264e2c4f57768059a6dab61b3a7923b9e48393ebb61474c0dde1f28907558d454780efeb7d41e34297d1f4e
-
SSDEEP
24576:XU7+VajhytMSdIGaGIUrXoZ0Ab0oCEW9kkwInmAjean1SGO6iCyunoGaLz6l9hV:X4+VmSaUYZ7b03R9khInjean096TJiWT
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d04334bd81299104bc9ad468f6e484c6_JaffaCakes118
Files
-
d04334bd81299104bc9ad468f6e484c6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 436KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 820KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE