eb4309050ae5b2bb5dfd41165b12aa02_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

eb4309050a...18.exe

windows7-x64

1

eb4309050a...18.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

eb4309050ae5b2bb5dfd41165b12aa02_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

eb4309050ae5b2bb5dfd41165b12aa02_JaffaCakes118.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

eb4309050ae5b2bb5dfd41165b12aa02_JaffaCakes118
Size

20KB
MD5

eb4309050ae5b2bb5dfd41165b12aa02
SHA1

4cbb669879fdf7bc95804993b4588c3d4281f10a
SHA256

cdf0a5a8eeeed5c311e915a6e8efbb82bb7b3591d18529ab538d8c6d48b6b74d
SHA512

d53fe909bc9ed7729496e0cdb4f8fc4a62b92acece4ec67af6c9b531f41392c24e5bdcf28f56bb2af730de59311afa3ff30ff407438e53aa274b9d974b1800f4
SSDEEP

384:TFMd3kY69z9yFgE4I2hQaza+BBGDglxXts3w7b:TFTYw9WAhrm+TG8XeA7b

Score

1^/10

Malware Config

Signatures

Files

eb4309050ae5b2bb5dfd41165b12aa02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef3aa8c972dda6ad43994298deac8bf0

Code Sign

63:78:99:28:5b:c7:90:44:bb:96:d6:78:76:5c:bf:11
Certificate

Issuer

CN=Qoraaqe

Not Before

05-03-2012 10:10

Not After

31-12-2039 23:59

Subject

CN=Qoraaqe

50:40:1e:9f:56:c5:2a:47:c8:89:66:03:fe:1a:57:69:11:9e:99:9e
Signer

Actual PE Digest

50:40:1e:9f:56:c5:2a:47:c8:89:66:03:fe:1a:57:69:11:9e:99:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
Sleep

user32

ShowWindow
UpdateWindow
PostQuitMessage
EndPaint
DispatchMessageA
RegisterClassExA

gdi32

GetObjectA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy