Behavioral task
behavioral1
Sample
JaffaCakes118_2897e9bb1cfe6d0ab47716a328a018424ecd5c3613fd32a03b9da7c70ef39c04.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_2897e9bb1cfe6d0ab47716a328a018424ecd5c3613fd32a03b9da7c70ef39c04.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_2897e9bb1cfe6d0ab47716a328a018424ecd5c3613fd32a03b9da7c70ef39c04
-
Size
152KB
-
MD5
ee721687f2d82fa6aca84698f06defd0
-
SHA1
bb7b64b18c45eff3860f8e98194410b7b5d7e591
-
SHA256
2897e9bb1cfe6d0ab47716a328a018424ecd5c3613fd32a03b9da7c70ef39c04
-
SHA512
cd91a419d85cc168a4859bd9190d4a9c2e6a34ce7d36f26c29b607decacde83f7b780f82e45e263d15651ecc82df788d614104cf0907218284b5c44c1241555b
-
SSDEEP
1536:uhCgrdvp/P68caijUq2azvduCiVWz1tb/6g0bQ9drUpiOWBu:uhCKJ1C8cvjUq2av1RRtbCG+wBu
Malware Config
Signatures
-
Snake Keylogger payload 1 IoCs
resource: sample
yara_rule: family_snakekeylogger
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: JaffaCakes118_2897e9bb1cfe6d0ab47716a328a018424ecd5c3613fd32a03b9da7c70ef39c04
Files
-
JaffaCakes118_2897e9bb1cfe6d0ab47716a328a018424ecd5c3613fd32a03b9da7c70ef39c04.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ