Behavioral task
behavioral1
Sample
d4215e93cdd83fce7b837b1dfe37eed5_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
d4215e93cdd83fce7b837b1dfe37eed5_JaffaCakes118
-
Size
2.3MB
-
MD5
d4215e93cdd83fce7b837b1dfe37eed5
-
SHA1
1d574b714750a51bf02af36d1546627470da456f
-
SHA256
3a43e7fc67698996cc572a65ea294c9d6862d6d2563e03815dd20ce81fdac790
-
SHA512
ca69540c42ff0f04fb284eae78823211664ef292c830e1b11ec8143e91de97c32e49c574470aa269c317577c151a5cdf2dba49667dcef71edffb3d72b3d503de
-
SSDEEP
24576:yAM+owiRF3q2r3xCN49JJyPX2P/kkfFta7S629/0V54isaoK2of2/xP:C6sQ+/
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d4215e93cdd83fce7b837b1dfe37eed5_JaffaCakes118
Files
-
d4215e93cdd83fce7b837b1dfe37eed5_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 736KB - Virtual size: 740KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE