Behavioral task
behavioral1
Sample
42f153526080d4e07ea908a11389a658_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
42f153526080d4e07ea908a11389a658_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
42f153526080d4e07ea908a11389a658_JaffaCakes118
-
Size
1.3MB
-
MD5
42f153526080d4e07ea908a11389a658
-
SHA1
71ed83485fba1e2a2dca3104bc0a78aa6899aa89
-
SHA256
e95894666cdac640f3752a173df21cd7c575a3c778aff162d04374629b0300ac
-
SHA512
8b64643d56e30ab4713df7fafca71dd69d23f2c94ea302079c8d967c0d97631c181af3001b605e55410ed297406a77437b277da8f363821222f65c7def22ceaa
-
SSDEEP
24576:MZ3mg2PlzwX5RXiLJcUXpEGMUVqyVa/b5gDRY5tk/ggbtV3/C:MZrMluHiLJc6MUVlkGD6tG6
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 42f153526080d4e07ea908a11389a658_JaffaCakes118
Files
-
42f153526080d4e07ea908a11389a658_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 5KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 57KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.2MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE