Behavioral task
behavioral1
Sample
JaffaCakes118_095e0329644e00a8d9553e0f510bee8f66ec0808982efe6f518aac8b2ade0d09.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
JaffaCakes118_095e0329644e00a8d9553e0f510bee8f66ec0808982efe6f518aac8b2ade0d09.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_095e0329644e00a8d9553e0f510bee8f66ec0808982efe6f518aac8b2ade0d09
-
Size
152KB
-
MD5
7a8f140cf7536b48847a61e6f9d2d50a
-
SHA1
817ebfb5bbc96b6b834ef541925949a51d7c5a97
-
SHA256
095e0329644e00a8d9553e0f510bee8f66ec0808982efe6f518aac8b2ade0d09
-
SHA512
b43a2e7e1660f843d08de326ff9472d16c6f1c048e4bca0cb9704f17d8cc5d467b56d54feac48868306c94f71c82a480e20e5e7dc0315e81d3761396766ed53e
-
SSDEEP
1536:aZC+ejpfd45NkB8q2psN2sxzc2RR/AZhrb/657S47rQpiOWBh:aZC+0j45KB8q2wFxzc28hrbC0wBh
Malware Config
Signatures
-
Snake Keylogger payload 1 IoCs
resource yara_rule sample family_snakekeylogger -
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_095e0329644e00a8d9553e0f510bee8f66ec0808982efe6f518aac8b2ade0d09
Files
-
JaffaCakes118_095e0329644e00a8d9553e0f510bee8f66ec0808982efe6f518aac8b2ade0d09.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ