Behavioral task
behavioral1
Sample
3cc434ad4fb8397630da10b6ab564b58_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
3cc434ad4fb8397630da10b6ab564b58_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3cc434ad4fb8397630da10b6ab564b58_JaffaCakes118
-
Size
964KB
-
MD5
3cc434ad4fb8397630da10b6ab564b58
-
SHA1
e784bdfb6b5c587032220452cc68e3d1ea40f9e8
-
SHA256
e7d95d6f651b3024401765227278701e9e2e5b7775de3ae9033ba318e47b4488
-
SHA512
8038f5671490a28cbcab428b64d4f408d880e80bf033994b59d93bfaa0c7c5b5b662c736d1ea6067fa6f98510654e91b9fec91ddd39019eb91aa0190f4dc0285
-
SSDEEP
24576:ZPFu9ViL27T5UJexIZnVtK4pheJHRHxHsbwvB9uF3:T22Ax4rK4XeVRHwwS3
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cc434ad4fb8397630da10b6ab564b58_JaffaCakes118
Files
-
3cc434ad4fb8397630da10b6ab564b58_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 113KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE