Behavioral task
behavioral1
Sample
d6f85332ad6b2a446246189d9a5af244_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d6f85332ad6b2a446246189d9a5af244_JaffaCakes118
-
Size
1.5MB
-
MD5
d6f85332ad6b2a446246189d9a5af244
-
SHA1
13235773757c86c7295de6246a711a9dab2be27d
-
SHA256
63bfc5b8ef43ad52ae9310e6044f6961caccb40a322a023e4737dfeedbc05964
-
SHA512
4e62df5f74d49e423fe4ccd023c84cd0818af7eaa3a25e833465a0c243980ca3f3e27b13a24ae078be6759c8df7866e6d8a06dcab9ab08fb2796585a85d08738
-
SSDEEP
24576:t07wpLmzL6cmbyCu2eIRodnwkGpjdIEctbpwzcCO+8LDSuB/K9Nh3n+:t0SLOmu2Vgnw6tpwn8J/A9+
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6f85332ad6b2a446246189d9a5af244_JaffaCakes118
Files
-
d6f85332ad6b2a446246189d9a5af244_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 300KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE