Behavioral task
behavioral1
Sample
JaffaCakes118_37a9060a05ab5377ff00f07e409339808624418c223dd0062f0d8be026a1a076.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_37a9060a05ab5377ff00f07e409339808624418c223dd0062f0d8be026a1a076.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_37a9060a05ab5377ff00f07e409339808624418c223dd0062f0d8be026a1a076
Size
152KB
MD5
4435b6aec32be5102978a87b533f4290
SHA1
0d47d4ea39aed8d8308c71e5709d7e45dd10d9a5
SHA256
37a9060a05ab5377ff00f07e409339808624418c223dd0062f0d8be026a1a076
SHA512
5652dc5048322189ae08922a30bde05aa8a6460b0eef0390c33931261be6f42e2d15e0d074d8b94aa2bfe75c110ab0081dc5f04fa07257259b7e5066332a0f20
SSDEEP
1536:8ZCgrdvpoktqrUVcdBk6u8Hrx16RLb/61poMpiOWBW:8ZCKJC0qrOcdBk6hHyRLbC3omwBW
Malware Config
Signatures
Snake Keylogger payload 1 IoCs
resource: sample, yara_rule: family_snakekeylogger
Snakekeylogger family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_37a9060a05ab5377ff00f07e409339808624418c223dd0062f0d8be026a1a076
Files
JaffaCakes118_37a9060a05ab5377ff00f07e409339808624418c223dd0062f0d8be026a1a076.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ