e36b9884e0eabe6cd76aedd74f4b3151_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

Static

static

1

e36b9884e0...18.exe

windows7-x64

e36b9884e0...18.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e36b9884e0eabe6cd76aedd74f4b3151_JaffaCakes118.exe

Resource

win7-20240903-en

pony collection credential_access discovery persistence rat spyware stealer upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

e36b9884e0eabe6cd76aedd74f4b3151_JaffaCakes118.exe

Resource

win10v2004-20240802-en

pony collection credential_access discovery persistence rat spyware stealer upx

windows10-2004-x64

16 signatures

150 seconds

General

Target

e36b9884e0eabe6cd76aedd74f4b3151_JaffaCakes118
Size

208KB
MD5

e36b9884e0eabe6cd76aedd74f4b3151
SHA1

e98df4c6dbeb5e505026b824457722093c77feb5
SHA256

ad9039f3e400adc14b58c206d8d5cec9950bfab350d321cb8c40349a165ade1a
SHA512

de30462aeb3ffc85ed00ca5c195cde026f124096f25d1d73dda6beeed5c28eb6083e1325dbbc004fe662d2feaec1458329cae804ea2c84371864ee531653a7fb
SSDEEP

3072:C1Q52m+tPGmjZQ84GbS2DIzG9bRDvPEw/IBAIXODpzyN0MPegMtBH0:4HumT1Dm4tscU0MPegKBH0

Score

1^/10

Malware Config

Signatures

Files

e36b9884e0eabe6cd76aedd74f4b3151_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

17:06:31:a2:65:38:71:82:4a:2b:0b:81:83:69:a5:c6
Certificate

Issuer

CN={B1A3E942-0C97-49A3-8C63-10C008633F19}

Not Before

26-11-2013 22:15

Not After

27-11-2014 04:15

Subject

CN={B1A3E942-0C97-49A3-8C63-10C008633F19}

c3:e5:a7:5a:6e:8c:fc:3d:90:fa:42:d4:cb:3b:be:cc:ea:a8:01:5f
Signer

Actual PE Digest

c3:e5:a7:5a:6e:8c:fc:3d:90:fa:42:d4:cb:3b:be:cc:ea:a8:01:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy