5d0a5aee0fc49b919cd6c47d92ed7cf5_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

5d0a5aee0f...18.exe

windows7-x64

7

5d0a5aee0f...18.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5d0a5aee0fc49b919cd6c47d92ed7cf5_JaffaCakes118.exe

Resource

win7-20240704-en

persistence upx

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

5d0a5aee0fc49b919cd6c47d92ed7cf5_JaffaCakes118.exe

Resource

win10v2004-20240709-en

persistence upx

windows10-2004-x64

2 signatures

150 seconds

General

Target

5d0a5aee0fc49b919cd6c47d92ed7cf5_JaffaCakes118
Size

20KB
MD5

5d0a5aee0fc49b919cd6c47d92ed7cf5
SHA1

18c181316b36be666eca384ffb79c24d3cf98fac
SHA256

57fece34f4294e3505ee05d71f69071a94f376e6f587b64e6d787ff6e13eaa46
SHA512

bda7236df4d5f1dfa563bf7a249f3edf3b2043cd3355c950758a0f62607d0e7012b1432fdbbb5c3f608ebea04b6cc966cadfb0ef6470125cbb4aef32df0b37cd
SSDEEP

384:Wu2Pud1HaGIx/ny9HU18KjQR4pvckdJpi9VG:f+uLeKa1njUEvk9o

Score

1^/10

Malware Config

Signatures

Files

5d0a5aee0fc49b919cd6c47d92ed7cf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d31c11ac42b24fa76764b521ec6c616

Code Sign

6b:cc:e8:2c:88:9c:b3:8b:49:18:51:1c:4e:16:b1:be
Certificate

Issuer

CN=Ewiwawea

Not Before

31-12-2010 21:00

Not After

31-12-2039 23:59

Subject

CN=Ewiwawea

7f:86:b2:ff:3e:c6:63:d1:67:1b:ad:85:80:83:a6:3a:49:67:68:45
Signer

Actual PE Digest

7f:86:b2:ff:3e:c6:63:d1:67:1b:ad:85:80:83:a6:3a:49:67:68:45

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetComputerNameA
GetLastError
GetModuleHandleA
ExitProcess
GetSystemDirectoryA
GetSystemInfo
GetVersion
LoadLibraryA
WaitForSingleObject
GetProcAddress

user32

KillTimer

advapi32

GetUserNameA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy