Behavioral task
behavioral1
Sample
JaffaCakes118_6a89e31b292d78224cc327530a78bbed41ac0357e293d1f4f6115f8cc0b4bb6f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_6a89e31b292d78224cc327530a78bbed41ac0357e293d1f4f6115f8cc0b4bb6f.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_6a89e31b292d78224cc327530a78bbed41ac0357e293d1f4f6115f8cc0b4bb6f
-
Size
43.2MB
-
MD5
e491621673dea805d9fcb870418298cd
-
SHA1
a6aeb9f7a8eaa8161e417372f88e845a59e855e0
-
SHA256
6a89e31b292d78224cc327530a78bbed41ac0357e293d1f4f6115f8cc0b4bb6f
-
SHA512
1f4e6bac92b7a003653910d3cc52491813ea1cd9cff8678bf89080ea660c66b75787ce4176db7994e5e8ee3eeee13715e2bd464efe9db3a14870efddbf77a9fe
-
SSDEEP
12288:38Malpp/QPcqcGVwwAPfoEQB94Uc1VNzZWPx91BKQTdbNNS:38dhQEqcGQfoxGVxIP9Ikd5w
Malware Config
Signatures
-
Raccoon Stealer V1 payload 1 IoCs
resource yara_rule sample family_raccoon_v1 -
Raccoon family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6a89e31b292d78224cc327530a78bbed41ac0357e293d1f4f6115f8cc0b4bb6f
Files
-
JaffaCakes118_6a89e31b292d78224cc327530a78bbed41ac0357e293d1f4f6115f8cc0b4bb6f.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 420KB - Virtual size: 420KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ