Static task
static1
Behavioral task
behavioral1
Sample
148da8473a260935979977ade797e718_JaffaCakes118.exe
Resource
win7-20240220-en
General
Target
148da8473a260935979977ade797e718_JaffaCakes118
Size
3.0MB
MD5
148da8473a260935979977ade797e718
SHA1
18d0286962802911133a5ab6ae5016c9cda08b6d
SHA256
a29e150b2ff91da057487b87d420e394347f3e0364742705705b103a2d518f61
SHA512
9c38ab2950450a0c22c5cb7dcf8cb99dd421344ac14e4d66890a1de11ab9a0185cbca967f6120a121bb720fae53774ea4545e48fca16ee501bdaa84d73d4ba81
SSDEEP
49152:hxxxK/o/y7wmmD9gukh9wiNInkjCG8mzD0W357/0nsj7a3LTK4U:hBykVCnh/InmCGACTj+TK4U
Malware Config
Signatures
Files
148da8473a260935979977ade797e718_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
Certificate
Issuer
CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d
Not Before
18-06-2015 05:29
Not After
17-06-2016 05:29
Subject
CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d
5c:ec:c5:d4:af:c8:59:7b:e9:5f:a1:81:53:c7:1f:6f:f9:5e:64:57
Signer
Actual PE Digest
5c:ec:c5:d4:af:c8:59:7b:e9:5f:a1:81:53:c7:1f:6f:f9:5e:64:57
Digest Algorithm
sha1
PE Digest Matches
false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 813KB - Virtual size: 812KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ