Behavioral task
behavioral1
Sample
JaffaCakes118_f9ce75c0b4e428aab7324d2e16bc114299f38bd3b696e33780863c10aa61481b.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
JaffaCakes118_f9ce75c0b4e428aab7324d2e16bc114299f38bd3b696e33780863c10aa61481b.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_f9ce75c0b4e428aab7324d2e16bc114299f38bd3b696e33780863c10aa61481b
-
Size
424KB
-
MD5
6dab6bed3be317ae8658732763344a97
-
SHA1
01f01cf482b2954f6ef8340909c4f068e81a9d55
-
SHA256
f9ce75c0b4e428aab7324d2e16bc114299f38bd3b696e33780863c10aa61481b
-
SHA512
37a30126114db54faddb8e48da01d4ddebd8cbd3d0ff4b337addc246f9ddef463a76f978193154d735ac6e55f698386d880d3f508afa3b5e9230d930ee320a26
-
SSDEEP
3072:spVsWdzbJ1RUEqJkZjXW6pGfHJOSojqSmq1P9SWX4HsSX7TU6FX:sP9d+EqJUW9HJOSoOSmq1Pb6sSX7TfF
Malware Config
Signatures
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_f9ce75c0b4e428aab7324d2e16bc114299f38bd3b696e33780863c10aa61481b
Files
-
JaffaCakes118_f9ce75c0b4e428aab7324d2e16bc114299f38bd3b696e33780863c10aa61481b.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 393KB - Virtual size: 393KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ