General

Malware Config

Signatures

Files

• 148da8473a260935979977ade797e718_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  Certificate

  Issuer

  CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

  Not Before

  18-06-2015 05:29

  Not After

  17-06-2016 05:29

  Subject

  CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

  5c:ec:c5:d4:af:c8:59:7b:e9:5f:a1:81:53:c7:1f:6f:f9:5e:64:57

  Signer

  Actual PE Digest

  5c:ec:c5:d4:af:c8:59:7b:e9:5f:a1:81:53:c7:1f:6f:f9:5e:64:57

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 813KB - Virtual size: 812KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 174KB - Virtual size: 173KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ