Behavioral task
behavioral1
Sample
d83ec89d150cd9c5c44350ee9892dce2_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
d83ec89d150cd9c5c44350ee9892dce2_JaffaCakes118
-
Size
906KB
-
MD5
d83ec89d150cd9c5c44350ee9892dce2
-
SHA1
e811704c6a02ccedd44c484e26855629834bcd3e
-
SHA256
a9861076a523de84e82c059cc03d1cd7d74bef2f08ebdf6800d8ae70b41ebc8f
-
SHA512
e1edff6e14ad140e551f31301f7d51e70c34bccede52694090cbb20841c867898a98883f2d6671b97181e8ebd84a2bdce1d24b4774d5555863c1ebb2646c90e8
-
SSDEEP
24576:VZ25dInPGE4IVFz7/2i2Osj2+dTX1ITRmmx9+5b:7nnOEDFzf2O22TRm6ab
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d83ec89d150cd9c5c44350ee9892dce2_JaffaCakes118
Files
-
d83ec89d150cd9c5c44350ee9892dce2_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 28KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 239KB - Virtual size: 225KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 633KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE