39fd1216a14c092246cc7c63c7ca2fab_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

39fd1216a1...18.exe

windows7-x64

3

39fd1216a1...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

39fd1216a14c092246cc7c63c7ca2fab_JaffaCakes118.exe

Resource

win7-20240708-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

39fd1216a14c092246cc7c63c7ca2fab_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

39fd1216a14c092246cc7c63c7ca2fab_JaffaCakes118
Size

31KB
MD5

39fd1216a14c092246cc7c63c7ca2fab
SHA1

4f1212273d719ae0ce0120327b8d151434f90818
SHA256

0632bcb17c47fb840e1f0241eebfab73856bbf212ed95e6e56fe64b210bace75
SHA512

94503dbecc8c6652148b628c6cab3bb140281d0a53589f8ea790df971dc74c2120fc7f9878c9619195da38e285026d1af83cfacb4efca63a6328defbb1e5e79a
SSDEEP

768:DZp9DrPh3K8c27QR7GPTO/mT8LUANanfgEG:DZp9DrPh3v9KkTQmAL2fDG

Score

1^/10

Malware Config

Signatures

Files

39fd1216a14c092246cc7c63c7ca2fab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate

Issuer

CN=Qizhi Software (beijing) Co. Ltd

Not Before

31/12/2007, 16:00

Not After

31/12/9998, 16:00

Subject

CN=Qizhi Software (beijing) Co. Ltd

66:ad:97:b3:2f:89:39:b0:b6:7a:30:c9:f4:0b:58:01:68:1f:c6:73
Signer

Actual PE Digest

66:ad:97:b3:2f:89:39:b0:b6:7a:30:c9:f4:0b:58:01:68:1f:c6:73

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 19KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 907B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy