Behavioral task
behavioral1
Sample
JaffaCakes118_78cc42e1db87118ec7a409f341ec94560be7e94a378a5562f79400b862c1eddb.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_78cc42e1db87118ec7a409f341ec94560be7e94a378a5562f79400b862c1eddb.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_78cc42e1db87118ec7a409f341ec94560be7e94a378a5562f79400b862c1eddb
Size
152KB
MD5
1611b78ec4eb826ee2fb54772f38324b
SHA1
9b404e533770d9e954bfc8801d525ab2fd27f0d7
SHA256
78cc42e1db87118ec7a409f341ec94560be7e94a378a5562f79400b862c1eddb
SHA512
12527cce51ef33901bb28f7fcc6a760b67f852a775823e639b18e70c407c723d9590fefd6157e0786e0f6422577d0cc8e2e7f6831bf65c3661d7bcf90cd4f2a7
SSDEEP
3072:aNsWCq3MPfz0Kq2H+PGXBTbCnxvowB1EnbY:Q/5zA+exbeSb
Malware Config
Signatures
Snake Keylogger payload 1 IoCs
resource: sample, yara_rule: family_snakekeylogger
Snakekeylogger family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_78cc42e1db87118ec7a409f341ec94560be7e94a378a5562f79400b862c1eddb
Files
JaffaCakes118_78cc42e1db87118ec7a409f341ec94560be7e94a378a5562f79400b862c1eddb.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ