Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6
-
Size
374.4MB
-
MD5
d2aec64fb25809ca1e7ecee3bb7cb549
-
SHA1
6c5cb79e520152149b4fd7d394a23a6acab8a7d4
-
SHA256
6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6
-
SHA512
032ba8a59d3f97a23c00ce20363b2b311ca63ec92822dda6b88009b2bd06f95f319ce1ba0af2f32435729abebcc9629dadce3f28927ac9db54656bd3a9cb9d9a
-
SSDEEP
196608:+nL00WLSBnr3pv6RtMxp8S6LF/nrUOhyv+2:+LiGlZv67MeS6VrUHv+
Malware Config
Signatures
Files
-
JaffaCakes118_6ac72f64e420c9abdc2892950225eab60cd1f053237adab4c91113f8126fd5d6.exe windows:6 windows x86 arch:x86
d94db63cb1c770dd5bc2d9e990bfacb4
Code Sign
3a:79:94:72:4e:ec:0e:ad:4b:cf:9a:3d:32:2f:4a:bc
Certificate
Issuer: CN=👩🌾💂🦘🧭ჩ ც ძ წ ჭ ხ ჴ ჯ ჰ ჵ👩🌾💂🦘🧭ჩ ც ძ წ ჭ ხ ჴ ჯ ჰ ჵ👩🌾💂🦘🧭ჩ ც ძ წ ჭ ხ ჴ ჯ ჰ ჵ
Not Before: 20-09-2022 20:50
Not After: 21-09-2032 20:50
Subject: CN=👩🌾💂🦘🧭ჩ ც ძ წ ჭ ხ ჴ ჯ ჰ ჵ👩🌾💂🦘🧭ჩ ც ძ წ ჭ ხ ჴ ჯ ჰ ჵ👩🌾💂🦘🧭ჩ ც ძ წ ჭ ხ ჴ ჯ ჰ ჵ
90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate
Issuer: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 11-05-2022 00:00
Not After: 10-08-2033 23:59
Subject: CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02-05-2019 00:00
Not After: 18-01-2038 23:59
Subject: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5d:d7:2b:ab:27:b1:b5:16:80:41:4c:e4:46:56:85:9d:6c:cf:ee:48:f0:c4:e8:a0:69:8f:64:7c:2b:96:d1:26
Signer
Actual PE Digest: 5d:d7:2b:ab:27:b1:b5:16:80:41:4c:e4:46:56:85:9d:6c:cf:ee:48:f0:c4:e8:a0:69:8f:64:7c:2b:96:d1:26
Digest Algorithm: sha256
PE Digest Matches: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
ole32
CoInitialize
wtsapi32
WTSSendMessageW
user32
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW
Sections
.text Size: - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ữựЏ Size: - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
ữựЏ Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ