Behavioral task
behavioral1
Sample
19962480e1ea3d8a3c00250e8e7867e7_JaffaCakes118.exe
Resource
win7-20240508-en
General
-
Target
19962480e1ea3d8a3c00250e8e7867e7_JaffaCakes118
-
Size
5.9MB
-
MD5
19962480e1ea3d8a3c00250e8e7867e7
-
SHA1
d0240accf1b93436deb4d681bdbf1882420c1ff2
-
SHA256
c08fbf1f549669dd048f5008b7f5f3150d1fb0dc7f6a420b369eb7469dfbc3e2
-
SHA512
ae7f73c7e600a1b4d27b871af2962cfffcbe7f8fdae87f0344c8396c7326bd06a2ea89273d8ac03974c2ed0eb96bdcb28d4759132d43fdb81bbd286530364267
-
SSDEEP
98304:cLILI6zcwPD3WCvdmVoyfgqo8BRqSTOUhNJsiTN1G1ja+ps5mIWWx:cLz6wwb3WdHIqo8BhSUhN/RCj7i5mvK
Malware Config
Signatures
-
Processes:
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 19962480e1ea3d8a3c00250e8e7867e7_JaffaCakes118
Files
-
19962480e1ea3d8a3c00250e8e7867e7_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 313KB - Virtual size: 688KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Themida Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE