Behavioral task: behavioral1
Sample: JaffaCakes118_0f11e0af1b48e1fcbe54c368bc544acd0f781e0b79ca4477e2db184cd331ff9e.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: JaffaCakes118_0f11e0af1b48e1fcbe54c368bc544acd0f781e0b79ca4477e2db184cd331ff9e.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_0f11e0af1b48e1fcbe54c368bc544acd0f781e0b79ca4477e2db184cd331ff9e
Size: 152KB
MD5: e39c1b5be827c93f574eaae4b6ff67d4
SHA1: 5bb6f46bccc8e81d2b4788a70188eabd7a014336
SHA256: 0f11e0af1b48e1fcbe54c368bc544acd0f781e0b79ca4477e2db184cd331ff9e
SHA512: 1ad5c434edb892c98a8297966a63afb48ded8c8dbe1458e8963fe2cc1bb991e57cab6d047d50d8adb47881efad4309eeb7c56421103685c7f493fa4ec1bfc5fc
SSDEEP: 3072:xmAi7sRJGsWjTjVxDp+1b8fALwBo1FbY:2xhMbiQLb
Malware Config
Signatures
Snake Keylogger payload (1 IoCs)
resource: sample, yara_rule: family_snakekeylogger
Snakekeylogger family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: JaffaCakes118_0f11e0af1b48e1fcbe54c368bc544acd0f781e0b79ca4477e2db184cd331ff9e
Files
JaffaCakes118_0f11e0af1b48e1fcbe54c368bc544acd0f781e0b79ca4477e2db184cd331ff9e.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ