Behavioral task
behavioral1
Sample
07bc17347589f6f59b028c55330466c7_JaffaCakes118.exe
Resource
win7-20240708-en
General
-
Target
07bc17347589f6f59b028c55330466c7_JaffaCakes118
-
Size
1.7MB
-
MD5
07bc17347589f6f59b028c55330466c7
-
SHA1
31fb606c61f0d67cc2435c5fbfea960f5ddc7c7f
-
SHA256
a0a91f21d194c9b58fbffa9f4d9fe507c0d7eb425af8c44ef077e997617c62d9
-
SHA512
f54afef803cff006db0e05265d676602f99d1c871c4f6af7e670f03aa5f35757da693da8beee426943e47771de326f404ac61b49a3f3ecb56b68bb483d7d182c
-
SSDEEP
24576:kVFSbeDBxkW0IKpz2QAWl2l0GO04VgwET7acR/yGclIB8Ik8aFIbQqplbrYu:2kAxkW0IwKQK1OFc7XR/y7IKIdl
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 07bc17347589f6f59b028c55330466c7_JaffaCakes118
Files
-
07bc17347589f6f59b028c55330466c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 956KB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 704KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE