General

Malware Config

Signatures

Files

• 1304e64e621f0b294ba3f5f0e0d73104_JaffaCakes118

  .exe windows:4 windows x86 arch:x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  57:8f:31:95:9a:6d:57:a2:48:81:6f:83:d9:93:b2:48

  Certificate

  Issuer

  CN=EXTRME\\Eray

  Not Before

  13-02-2021 10:22

  Not After

  13-02-2022 16:22

  Subject

  CN=EXTRME\\Eray

  38:3e:d6:04:19:3c:a0:84:d3:f3:83:8c:ad:1b:96:bf:47:d8:a1:a1:a8:8b:56:e8:f9:a1:63:7b:58:6e:af:d1

  Signer

  Actual PE Digest

  38:3e:d6:04:19:3c:a0:84:d3:f3:83:8c:ad:1b:96:bf:47:d8:a1:a1:a8:8b:56:e8:f9:a1:63:7b:58:6e:af:d1

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  C:\Users\Eray\Desktop\update\obj\Debug\update.pdb

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 886KB - Virtual size: 886KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 219KB - Virtual size: 218KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ