b2487d1b1f25d1ac8666a17a6047cfa9_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

b2487d1b1f...18.exe

windows7-x64

7

b2487d1b1f...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b2487d1b1f25d1ac8666a17a6047cfa9_JaffaCakes118.exe

Resource

win7-20240704-en

discovery persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2487d1b1f25d1ac8666a17a6047cfa9_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b2487d1b1f25d1ac8666a17a6047cfa9_JaffaCakes118
Size

309KB
MD5

b2487d1b1f25d1ac8666a17a6047cfa9
SHA1

3408bfb1b6b1767330911febb3cb69211f70c6a0
SHA256

4272d0eda28f7b3a71c6cf25fbc4da1896088133539db1038ad2d2ce3344fdef
SHA512

32b7a8031258d84cb15b8c0af01ff822426d93e82e2f40a597751c64aad69c75ce0b8c5d9795382187dbdad2170648eb0a0cad6e4827e47a7895169712b78a5e
SSDEEP

6144:FwhzQ9SKKr2I6j36ZNp0H8vIz3YX5Sze2wpchpkUJ1H9Bh4kHI4:FrSKy6j32QTKk9h1H9A4

Score

1^/10

Malware Config

Signatures

Files

b2487d1b1f25d1ac8666a17a6047cfa9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70d8fea638a777868ed479b89ebde76d

Code Sign

5c:91:0a:e6:1d:e2:3c:a3:4f:37:d3:8f:e5:01:c3:d7
Certificate

Issuer

CN=SMCh

Not Before

22/06/2012, 05:35

Not After

31/12/2039, 23:59

Subject

CN=SMCh

Extended Key Usages

ExtKeyUsageCodeSigning

55:1a:33:aa:fd:90:62:15:24:c5:39:cc:c3:ff:ca:10:ba:c3:2f:fb
Signer

Actual PE Digest

55:1a:33:aa:fd:90:62:15:24:c5:39:cc:c3:ff:ca:10:ba:c3:2f:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetCommandLineA
CloseHandle
GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
GetModuleHandleA
GetProcAddress

user32

RegisterClassExA
CreateWindowExA
LoadIconA
LoadCursorA

advapi32

RegCloseKey
RegOpenKeyW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy