Behavioral task: behavioral1
Sample: JaffaCakes118_3aa48400e3e1c4445de1af0ad00e98a503e6606eb979e0e546278f22bf0fb2cd.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_3aa48400e3e1c4445de1af0ad00e98a503e6606eb979e0e546278f22bf0fb2cd
Size: 72KB
MD5: 83e4f77cae137c7bff6a24007930ea56
SHA1: 45139cb5e3d5dfde3a190481623a66cb6716e1af
SHA256: 3aa48400e3e1c4445de1af0ad00e98a503e6606eb979e0e546278f22bf0fb2cd
SHA512: a57d5d62a74a6d948db770f51497985b170c761f8c7ad849c9e6d8de902def26f1e8cc7c56498fb1f9c71cc84cc6b5fca5a12c703a35cb16c0cff48eb90b315c
SSDEEP: 1536:EoD1Mth9MRwaeb4hSFqmOoy8grJKmVcl:EoD1MthMwaeb4G4ocNK8Y
Malware Config
Extracted
asyncrat
0.5.6D
Default
milla.publicvm.com:6606
milla.publicvm.com:7707
milla.publicvm.com:8808
sdjacffkienmtfsm
delay: 9
install: true
install_file: firfafox.exe
install_folder: %AppData%
Signatures
Files
-
JaffaCakes118_3aa48400e3e1c4445de1af0ad00e98a503e6606eb979e0e546278f22bf0fb2cd.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ