Behavioral task
behavioral1
Sample
0ee8b78aa804b580d4e47a8cc0ae5284_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
0ee8b78aa804b580d4e47a8cc0ae5284_JaffaCakes118
-
Size
5.4MB
-
MD5
0ee8b78aa804b580d4e47a8cc0ae5284
-
SHA1
8f3e22836c2db7b5d22dbcba7000d515cad89c35
-
SHA256
81f16312295199c4a640365a402966ab4551c23c39730482e802760b359c57c2
-
SHA512
16252953d74c1605ca0c6beb399b16c8d6115ffa916394c2e8c1643c216a5a12447d3058a401fef30f2cc06e7cceba6dbc3237d6377d6848ae595f16dea925c4
-
SSDEEP
49152:/XiiQkL+y/6vr6Zxnx7DstAy1BLfBn7ZjN/VH9yh:/XiiQkL+yCv+s1LF9Ah
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0ee8b78aa804b580d4e47a8cc0ae5284_JaffaCakes118
Files
-
0ee8b78aa804b580d4e47a8cc0ae5284_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE