Behavioral task
behavioral1
Sample
53b2f3d291f002e8eb04e58964c32376_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
53b2f3d291f002e8eb04e58964c32376_JaffaCakes118
-
Size
2.8MB
-
MD5
53b2f3d291f002e8eb04e58964c32376
-
SHA1
e1ffbb2c43c05a379b0c7f831d10ca25fc79ad06
-
SHA256
438ea7c1551a17ed266973f6ef76e35bba9d3a75b8c6ae6c2177dae62de2a434
-
SHA512
7ff2e73de8d8226b54f06a97db7567392c622f1dc14cd8ea1cbd62ae7f60de00ff8ce4848c8857b4a014e87e4c6c7a8e04a1ec56376da502292a99c434cd0a43
-
SSDEEP
49152:0WkkjwA4b6+PkUUsztp8ULFvBuoFkCjtVHFliA5JMdmLCXj:0Wkkjx+8Uh53XkSDliA+mm
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 53b2f3d291f002e8eb04e58964c32376_JaffaCakes118
Files
-
53b2f3d291f002e8eb04e58964c32376_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 87KB - Virtual size: 216KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Intel Co Size: 437KB - Virtual size: 437KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: - Virtual size: 4.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Intel Co Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Intel Co Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 437KB - Virtual size: 437KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ