Behavioral task
behavioral1
Sample
JaffaCakes118_174dba41ec4881f5ff7d94042dcce4a1.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_174dba41ec4881f5ff7d94042dcce4a1.exe
Resource
win10v2004-20250217-en
General
-
Target
JaffaCakes118_174dba41ec4881f5ff7d94042dcce4a1
-
Size
570KB
-
MD5
174dba41ec4881f5ff7d94042dcce4a1
-
SHA1
b8079a70fdd7f0f55cdf472f623eab58904e07df
-
SHA256
52e2ea6fac35fd7af7d05dbde97e61f7fe0f6a5d176ab2ab77d082d40f5f0db4
-
SHA512
dd6aa4381a2df897af9d736c318dd3fbba17ae55484e1a748ea0d75709a477cfd8ce4c4712c96c2abc8994c43dbe1695ca55bfdf6be003a0f711716a489591dc
-
SSDEEP
12288:uJCMlMkhe4CikRpy06CuKWIcByY2Tfw9hSal3w5GpFQv8:a9MpyJKfR7TI95KGU8
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_174dba41ec4881f5ff7d94042dcce4a1
Files
-
JaffaCakes118_174dba41ec4881f5ff7d94042dcce4a1.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 115KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 449KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE