17508af9f04aeb6cf3bf4a43f4392c8d_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

17508af9f0...18.exe

windows7-x64

7

17508af9f0...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

17508af9f04aeb6cf3bf4a43f4392c8d_JaffaCakes118.exe

Resource

win7-20240729-en

discovery persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

17508af9f04aeb6cf3bf4a43f4392c8d_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

17508af9f04aeb6cf3bf4a43f4392c8d_JaffaCakes118
Size

338KB
MD5

17508af9f04aeb6cf3bf4a43f4392c8d
SHA1

aa4888d65b4f87d31f01b0f1385fc3269e844045
SHA256

fb7790d939dd8999949bb47bd00a40a3153faa7e8082df57f33711933aab6f1d
SHA512

a118c29181f4483fe08e52afdb67db13dd110db7b4e158c41222376c34c63c4c9e08ebf37d7e52191ff836e123d2dcf4bfe547929b97ec86edcb776648f40bcc
SSDEEP

6144:HMzQ9Skyr2I6jpZNp0H8vIz3YX5Sze2wpchpkUJ1HTBh4kHIp:hSkK6jxQTKk9h1HTAp

Score

1^/10

Malware Config

Signatures

Files

17508af9f04aeb6cf3bf4a43f4392c8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70d8fea638a777868ed479b89ebde76d

Code Sign

5c:91:0a:e6:1d:e2:3c:a3:4f:37:d3:8f:e5:01:c3:d7
Certificate

Issuer

CN=SMCh

Not Before

22/06/2012, 05:35

Not After

31/12/2039, 23:59

Subject

CN=SMCh

Extended Key Usages

ExtKeyUsageCodeSigning

8a:86:9c:0f:62:41:18:fc:de:f6:ac:49:cb:4f:05:d9:ee:88:56:91
Signer

Actual PE Digest

8a:86:9c:0f:62:41:18:fc:de:f6:ac:49:cb:4f:05:d9:ee:88:56:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetCommandLineA
CloseHandle
GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
GetModuleHandleA
GetProcAddress

user32

RegisterClassExA
CreateWindowExA
LoadIconA
LoadCursorA

advapi32

RegCloseKey
RegOpenKeyW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy