Behavioral task
behavioral1
Sample
JaffaCakes118_91fa2fa1bbb4853cfd6422b550806994bf6a066ea44b2166b7e86f9df9504b44.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
JaffaCakes118_91fa2fa1bbb4853cfd6422b550806994bf6a066ea44b2166b7e86f9df9504b44.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_91fa2fa1bbb4853cfd6422b550806994bf6a066ea44b2166b7e86f9df9504b44
-
Size
152KB
-
MD5
2a1e6f7b6260e348a9bd52b59bee9557
-
SHA1
d59898cf3a1c6a9c9dec701d042ca7e58f035b6a
-
SHA256
91fa2fa1bbb4853cfd6422b550806994bf6a066ea44b2166b7e86f9df9504b44
-
SHA512
d27be1cd12014df024f6737e1aca563d2d545f4045890d694da9a6331ea1884fbf6e7a5ac8ab3f4dc122bb334a2b879ace79a6d3d3f577d92f3ae5cb8a28f210
-
SSDEEP
3072:FDAixrDw5DmLdzBHNKy3dbC+oiN4gwBWunbY:vBN33tbciieob
Malware Config
Signatures
-
Snake Keylogger payload 1 IoCs
resource yara_rule sample family_snakekeylogger -
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_91fa2fa1bbb4853cfd6422b550806994bf6a066ea44b2166b7e86f9df9504b44
Files
-
JaffaCakes118_91fa2fa1bbb4853cfd6422b550806994bf6a066ea44b2166b7e86f9df9504b44.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ