5ba852fbfdf4872afef8eca15a3a7779_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

5ba852fbfd...18.exe

windows7-x64

1

5ba852fbfd...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5ba852fbfdf4872afef8eca15a3a7779_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

5ba852fbfdf4872afef8eca15a3a7779_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

5ba852fbfdf4872afef8eca15a3a7779_JaffaCakes118
Size

20KB
MD5

5ba852fbfdf4872afef8eca15a3a7779
SHA1

11016f70ac4b1a01bce00fa8f9ecc86705a25e70
SHA256

5b8f2954e6358864a7cd691634db464bf319d588c3d9e19a3ffbd376570cf1e3
SHA512

8178a70fc4c71c1c194ea491985d8e62cae15f4728db595af23c7ff178bee68c45521153005c2755ea6d11b6c9222d52447332ae0002a9754f486adef4836210
SSDEEP

384:hLJKEuZGi7lIj3dSfQchOsLXhXAKYXtcC8:h8Z2jtV6lLKX+C8

Score

1^/10

Malware Config

Signatures

Files

5ba852fbfdf4872afef8eca15a3a7779_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77a65dc88b92af86316e6dcabf9926f0

Code Sign

64:60:1c:1e:65:ec:cc:43:bb:88:8a:8b:16:f4:71:5c
Certificate

Issuer

CN=Qeqoqowiririw

Not Before

21/02/2012, 08:24

Not After

31/12/2039, 23:59

Subject

CN=Qeqoqowiririw

41:f2:0a:ec:44:df:10:9a:95:50:cf:6d:9c:7c:44:35:0c:ec:a6:05
Signer

Actual PE Digest

41:f2:0a:ec:44:df:10:9a:95:50:cf:6d:9c:7c:44:35:0c:ec:a6:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
ExitProcess
Sleep

user32

GetMessageA
PostQuitMessage
RegisterClassExA
ShowWindow
TranslateMessage
UpdateWindow
EndPaint
CreateWindowExA
DispatchMessageA

gdi32

GetObjectA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 768B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy