a8d3fbecddc54b16b3281b84e2f764b0_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

a8d3fbecdd...18.exe

windows7-x64

7

a8d3fbecdd...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a8d3fbecddc54b16b3281b84e2f764b0_JaffaCakes118.exe

Resource

win7-20240704-en

discovery persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8d3fbecddc54b16b3281b84e2f764b0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a8d3fbecddc54b16b3281b84e2f764b0_JaffaCakes118
Size

311KB
MD5

a8d3fbecddc54b16b3281b84e2f764b0
SHA1

a1644aa9c6be6c9b2b873cb42acfff1662594fc6
SHA256

1a4ec236cdf84826e30adc92b23a7f12e957f5c62c728a04c0693d26b22ec440
SHA512

dc32fed6f7b9e1aa37d88dbf4f1253706d2f92f45e41928d5b719aa577b7806ba553e02d2a344634867baf6ce2b506c0339a127012f7e7c93bd94be3dab96318
SSDEEP

6144:dsbBzhz9/wAS64AqNCuGp2hpEw2I41gY9sbD:dsB1tVSzmuu6mIv

Score

1^/10

Malware Config

Signatures

Files

a8d3fbecddc54b16b3281b84e2f764b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b485c011e68857e91500e4a591b70d52

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

Issuer

CN=u65ykrty

Not Before

28/01/2012, 05:39

Not After

31/12/2039, 23:59

Subject

CN=u65ykrty

Extended Key Usages

ExtKeyUsageCodeSigning

4e:a2:02:a4:34:0c:58:90:f6:c5:5b:1a:bd:a9:ee:f6:d9:d7:cf:11
Signer

Actual PE Digest

4e:a2:02:a4:34:0c:58:90:f6:c5:5b:1a:bd:a9:ee:f6:d9:d7:cf:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc

advapi32

RegOpenKeyExW

shlwapi

SHRegEnumUSValueA
PathMakeSystemFolderA
PathSetDlgItemPathA
SHRegGetBoolUSValueW
SHRegSetUSValueW
SHRegWriteUSValueA
PathAddExtensionA
ord16

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy