0bee874abdf61e620be84014ff58a743_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0bee874abdf61e620be84014ff58a743_JaffaCakes118
Size

1.1MB
MD5

0bee874abdf61e620be84014ff58a743
SHA1

d3ce4647fb3cff1ef0dbb9ecbd49df78c475f357
SHA256

202554e5d8c678356357bd19854671ae7cc4546034000c348498f19e702f1971
SHA512

dff6edd533431394b45b50db013294575e4f73b6d567c63d428fb372e0d64f8a4319a830a4b99813d52148d659e4f8af6ae7f5ce44ebae313c6d4933b6e5d709
SSDEEP

12288:maizmmCrMnXrMn35GXacXYp3uyAGjzGYIdjMxMSo6YoE2k4zUwg4Q0nOFuz/aJLc:maiz+rMrgcLGxgu3vgL0nO1JLx6L

Score

1^/10

Malware Config

Signatures

Files

0bee874abdf61e620be84014ff58a743_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

3d:d5:aa:e5:e0:38:34:92:46:bc:12:7b:7f:4d:5c:7d
Certificate

Issuer

CN=elewen company

Not Before

27/04/2020, 04:28

Not After

28/04/2030, 04:28

Subject

CN=elewen company

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

96:b0:86:82:af:0f:55:dc:87:cd:48:bf:c9:ce:45:e8:fd:3b:b7:30:92:b8:8f:72:9c:d9:8c:f7:8e:c5:4e:a3
Signer

Actual PE Digest

96:b0:86:82:af:0f:55:dc:87:cd:48:bf:c9:ce:45:e8:fd:3b:b7:30:92:b8:8f:72:9c:d9:8c:f7:8e:c5:4e:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 825KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

3d:d5:aa:e5:e0:38:34:92:46:bc:12:7b:7f:4d:5c:7dCertificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

96:b0:86:82:af:0f:55:dc:87:cd:48:bf:c9:ce:45:e8:fd:3b:b7:30:92:b8:8f:72:9c:d9:8c:f7:8e:c5:4e:a3Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 825KB - Virtual size: 825KB

.sdata Size: 512B - Virtual size: 512B

.rsrc Size: 289KB - Virtual size: 288KB

.reloc Size: 512B - Virtual size: 12B

3d:d5:aa:e5:e0:38:34:92:46:bc:12:7b:7f:4d:5c:7d
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

96:b0:86:82:af:0f:55:dc:87:cd:48:bf:c9:ce:45:e8:fd:3b:b7:30:92:b8:8f:72:9c:d9:8c:f7:8e:c5:4e:a3
Signer

.text
Size: 825KB - Virtual size: 825KB

.sdata
Size: 512B - Virtual size: 512B

.rsrc
Size: 289KB - Virtual size: 288KB

.reloc
Size: 512B - Virtual size: 12B