67f9dba0b602548fe16ab9bc245014d4_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

1

Static

static

1

67f9dba0b6...18.exe

windows7-x64

1

67f9dba0b6...18.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

67f9dba0b602548fe16ab9bc245014d4_JaffaCakes118.exe

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

67f9dba0b602548fe16ab9bc245014d4_JaffaCakes118.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

67f9dba0b602548fe16ab9bc245014d4_JaffaCakes118
Size

1.2MB
MD5

67f9dba0b602548fe16ab9bc245014d4
SHA1

c51ed4ae98eb75f5a2c82655b7ff2c8aeb7920a9
SHA256

85da7cd0aca4a53befab0079770ca2ef2d941e154c916dfde356996c2a149089
SHA512

e26b7dccbbbb8562a4c0a0c6872f813211dbc5fae209d0f5187a7d8b8f88ee43b46535dadcd1c33e66262584e143138c0314674f0bd9f849cde156faaea51335
SSDEEP

24576:wCQZPd1JXyO6eCnwgwtjRzVS7HMHVN2k+gg/3O/afPhNmmjmm:wCyXyOKwTxSDMHV4Qg/3O/01am

Score

1^/10

Malware Config

Signatures

Files

67f9dba0b602548fe16ab9bc245014d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

43:66:54:9e:e1:a5:e9:49:b8:f8:92:e4:e1:f7:6c:d2
Certificate

Issuer

CN=NCLauncher

Not Before

04-06-2020 05:23

Not After

31-12-2039 23:59

Subject

CN=NCLauncher

b3:e1:86:1e:1d:29:85:6c:34:13:db:9b:0e:2b:37:5b:f0:a5:b5:b5
Signer

Actual PE Digest

b3:e1:86:1e:1d:29:85:6c:34:13:db:9b:0e:2b:37:5b:f0:a5:b5:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy