3161aabe2dcbc02fd1c52f00b8be00cb_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

Static

static

1

3161aabe2d...18.exe

windows7-x64

3161aabe2d...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3161aabe2dcbc02fd1c52f00b8be00cb_JaffaCakes118.exe

Resource

win7-20240508-en

njrat hacked evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3161aabe2dcbc02fd1c52f00b8be00cb_JaffaCakes118.exe

Resource

win10v2004-20240426-en

njrat hacked evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

3161aabe2dcbc02fd1c52f00b8be00cb_JaffaCakes118
Size

224KB
MD5

3161aabe2dcbc02fd1c52f00b8be00cb
SHA1

fddca6fc480fe3247d0e9b75a3362ef6c1ce9186
SHA256

220e0a071a5446c6018d788b1420f7cb4defe12463473878795d9041109c2ba6
SHA512

c85a636a7d3e5b453c6bd20cc22a1f5f0d26b1f3616b61dc6482188d8a72bcda40826b32715f72e99a887a6fafe11bd41d3a5acf7dfe98b96e01a33b91345c12
SSDEEP

3072:C/OSmOQKHaw5Jf2d95YLHNSEzf4KSf/V9NHxDCQbd:C2SmBK6QJ659fNZ/B

Score

1^/10

Malware Config

Signatures

Files

3161aabe2dcbc02fd1c52f00b8be00cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Certificate

Issuer

CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

Not Before

18/06/2015, 05:29

Not After

17/06/2016, 05:29

Subject

CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

5b:71:83:5b:11:02:9c:31:b3:3b:47:ac:4f:a1:f7:ae:cd:4c:0d:d6
Signer

Actual PE Digest

5b:71:83:5b:11:02:9c:31:b3:3b:47:ac:4f:a1:f7:ae:cd:4c:0d:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy