Behavioral task: behavioral1
Sample: 81fd3e1508b299d1ead7d1edcb23f62d_JaffaCakes118.exe
Resource: win7-20241010-en
General
Target: 81fd3e1508b299d1ead7d1edcb23f62d_JaffaCakes118
Size: 68KB
MD5: 81fd3e1508b299d1ead7d1edcb23f62d
SHA1: 6b1da1e345f40396e70a874804c4671a5105b093
SHA256: 33ffbdee3a0b1a413349f0b2ad1e6507185c89096b1590910969466da502528d
SHA512: 0811338fc2cc2948bc2cc5cb5d721938e05f492f7ec16060700e4258108822c83bce54d5cb15ec207d250f34791ee68aa4799355df15178e268e4aa2b9069430
SSDEEP: 1536:mDPVvuB3qCddd1Bmn9b9yYFgfYG2p3kf+:mDts3qYmn9b9pgfYGzm
Malware Config
Extracted
asyncrat
v0.2
jan30eu
niceone20.cn:7201
fjuj84hgoa84gn.xyz:7201
getupdated2021win2k.cn:7201
afgj6j3umd5uk
delay: 3
install: false
install_folder: %AppData%
Signatures
Files
-
81fd3e1508b299d1ead7d1edcb23f62d_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ