Behavioral task: behavioral1
Sample: JaffaCakes118_58cf17d3004384a23f17e6c752e1ffb380987817a03949bfbc90e5a4041731f0.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: JaffaCakes118_58cf17d3004384a23f17e6c752e1ffb380987817a03949bfbc90e5a4041731f0.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_58cf17d3004384a23f17e6c752e1ffb380987817a03949bfbc90e5a4041731f0
Size: 152KB
MD5: d41046efcc7c8ab62304f4e4ce9d6a1f
SHA1: 25c71dec86512397b0e3d7a9cab85650539c9cd9
SHA256: 58cf17d3004384a23f17e6c752e1ffb380987817a03949bfbc90e5a4041731f0
SHA512: 173e1f7f5f168470bbd5c7689ca266c4e9cfcfc77767e61296f9deb6863061154143fea2692bff6cd31eda0dda547822fb5bcec761fbd4f52507c28f62748bd3
SSDEEP: 1536:vd8qllBL78E4aQk37CSIFw9KkCMWeUOAx0b/6ti7FOFhpiOWBvvpY:vd8qjRT7C9Fw9HO2bCEBOpwBnp
Malware Config
Signatures
Snake Keylogger payload (1 IoCs)
resource: sample, yara_rule: family_snakekeylogger
Snakekeylogger family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: JaffaCakes118_58cf17d3004384a23f17e6c752e1ffb380987817a03949bfbc90e5a4041731f0
Files
JaffaCakes118_58cf17d3004384a23f17e6c752e1ffb380987817a03949bfbc90e5a4041731f0.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ