254ce7e9d8c184d3f31b6c5946595061_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

DigitalSignCheck.exe

windows7-x64

6

DigitalSignCheck.exe

windows10-2004-x64

1

安装说明.url

windows7-x64

1

安装说明.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

DigitalSignCheck.exe

Resource

win7-20240611-en

bootkit persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

DigitalSignCheck.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

安装说明.url

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

安装说明.url

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

254ce7e9d8c184d3f31b6c5946595061_JaffaCakes118
Size

275KB
MD5

254ce7e9d8c184d3f31b6c5946595061
SHA1

26f36d9ce92e884cf647dbfdfd812bb026fbed6a
SHA256

69fc82751a45a699441f5637060cdfa646ebc6425c6b9dbb40d9dd1d51f668bd
SHA512

44aa5b1ba16b8a957fcc220fdd5e3a0ba13db6f3f4ff0dd0d5146c509a981f3a1d959dce3b129dfb43d33f14df63dbff0d1af4774451459f5cc588fe3656c8fa
SSDEEP

6144:E5n8iSxQy7HCLv8dvibt3krLNEeYmux4oBMbHMPZtnDA7zXSYrrnpnwV:4pkOLv2qB38hf71oMSjIzXS0rp+

Score

1^/10

Malware Config

Signatures

Files

254ce7e9d8c184d3f31b6c5946595061_JaffaCakes118
.rar
DigitalSignCheck.exe
.exe windows:4 windows x86 arch:x86

Code Sign

02:1b:45:b8:6b:ae:f2:48:bb:02:8a:63:2b:8f:50:d5
Certificate

Issuer

CN=killer

Not Before

31/12/2004, 16:00

Not After

31/12/2009, 16:00

Subject

CN=killer

3b:73:83:23:9c:18:56:62:de:d8:55:75:9b:1c:fe:76:1b:fb:0b:76
Signer

Actual PE Digest

3b:73:83:23:9c:18:56:62:de:d8:55:75:9b:1c:fe:76:1b:fb:0b:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 132KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
安装说明.url
.url

© 2018-2025

Terms | Privacy