6734ed528fd08246dab1055ce7a124de_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

Static

static

1

6734ed528f...18.exe

windows7-x64

6734ed528f...18.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6734ed528fd08246dab1055ce7a124de_JaffaCakes118.exe

Resource

win7-20240221-en

darkcomet guest16 persistence rat trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

6734ed528fd08246dab1055ce7a124de_JaffaCakes118.exe

Resource

win10v2004-20240426-en

darkcomet guest16 persistence rat trojan

windows10-2004-x64

12 signatures

150 seconds

General

Target

6734ed528fd08246dab1055ce7a124de_JaffaCakes118
Size

853KB
MD5

6734ed528fd08246dab1055ce7a124de
SHA1

44bcb8e21ea74f5bac9f20daf4772650b4277a6c
SHA256

20fc91290817d8b9208794e5464bb084d9a63fa96af2e674582a19d3af9d182f
SHA512

943a05779fc0e9da69a8c2df34ef19c6128a844f7ce1b166515fa0e5416c4c5af7f5928f8cf5d1032f483d3382a350809fda455ee3b90510a5b465a7f7d7b50c
SSDEEP

12288:vFRJLb3xdzXFMUO+iEs7sBS+jYr9WZm9++vufVZMIzUBlcYvmIAA5zVZ/7:TdPOPAs9596fVBzUBlvezAFnD

Score

1^/10

Malware Config

Signatures

Files

6734ed528fd08246dab1055ce7a124de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Certificate

Issuer

CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

Not Before

18-06-2015 05:29

Not After

17-06-2016 05:29

Subject

CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

a1:e8:b3:8f:8d:08:d2:71:a6:06:a6:80:b0:8a:37:a7:32:47:a3:ba
Signer

Actual PE Digest

a1:e8:b3:8f:8d:08:d2:71:a6:06:a6:80:b0:8a:37:a7:32:47:a3:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 674KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy