a298d3c6875b0feb8e46237e58770c05_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

Static

static

1

a298d3c687...18.exe

windows7-x64

a298d3c687...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a298d3c6875b0feb8e46237e58770c05_JaffaCakes118.exe

Resource

win7-20240220-en

darkcomet guest16 evasion persistence rat trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

a298d3c6875b0feb8e46237e58770c05_JaffaCakes118.exe

Resource

win10v2004-20240611-en

darkcomet guest16 evasion persistence rat trojan

windows10-2004-x64

16 signatures

150 seconds

General

Target

a298d3c6875b0feb8e46237e58770c05_JaffaCakes118
Size

853KB
MD5

a298d3c6875b0feb8e46237e58770c05
SHA1

313c0dc74092ecaff11886bd6a46180b060101bc
SHA256

11e4ec701aa7a97b97d299575dd92097d3ee52b5851afa6588f4e1220785b18d
SHA512

cbaaf8aa8d7607856724d573818b01e8e597e3c0891929163b845d6a8bbcf8afaea1287fbf52b6df98984c3681d31611e945ec9463e4cf3cc450cae00a3bba86
SSDEEP

12288:Ts98A+JZQQvMWFy2r0bDn5CX9yN1EO3/l3jZxfPgSWUiG9OelJ7y5g:498AiRr0bj5CX9ihl3jZtwUiCvJuu

Score

1^/10

Malware Config

Signatures

Files

a298d3c6875b0feb8e46237e58770c05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Certificate

Issuer

CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

Not Before

18/06/2015, 05:29

Not After

17/06/2016, 05:29

Subject

CN=www.clud-intim.com,OU=Game Design,O=clud-intim.com,L=Clue villie,ST=Clue,C=mt,1.2.840.113549.1.9.1=#0c16636f6e7461637440636c75642d696e74696d2e636f6d

b7:b4:01:88:b8:9d:8d:ba:14:a4:c8:53:36:bc:29:10:39:2c:69:af
Signer

Actual PE Digest

b7:b4:01:88:b8:9d:8d:ba:14:a4:c8:53:36:bc:29:10:39:2c:69:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 674KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy