Behavioral tasks (task | sample | resource)
behavioral1 | 晓阳QQ空间秒赞工具v1.2_全能版.exe | win7-20240508-en
behavioral2 | 晓阳QQ空间秒赞工具v1.2_全能版.exe | win10v2004-20240508-en
behavioral3 | 河源下载站-Xz7.com.url | win7-20240419-en
behavioral4 | 河源下载站-Xz7.com.url | win10v2004-20240508-en
General
Target
692eaaf0a27640ddea4d363db2fb0fe2_JaffaCakes118
Size
410KB
MD5
692eaaf0a27640ddea4d363db2fb0fe2
SHA1
4a57fbb9d4670c2f10866356f2aa5e6985cd4a95
SHA256
8c859acd6810389e5b4730873a652ba60d467fb6b010907e8a767b6f813ea1e2
SHA512
66e8f770e9ada608fe15fecce3c623b894dca73a0ef0e073ff351076b650d4be4fa5d3b8f25e6d104a826ade16191d0cebd3c9cf27197a6fe063ad73fd232a43
SSDEEP
12288:kPTv+OfXUxS+TYc5HaPwClINbkIquhQn2Ujk28:wD+OfXUxTY2HaPwClINAuhO2Ujk5
Malware Config
Signatures
-
Processes:
resource: static1/unpack001/晓阳QQ空间秒赞工具v1.2_全能版.exe
yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: unpack001/晓阳QQ空间秒赞工具v1.2_全能版.exe
Files
-
692eaaf0a27640ddea4d363db2fb0fe2_JaffaCakes118.rar
-
晓阳QQ空间秒赞工具v1.2_全能版.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 401KB - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
河源下载站-Xz7.com.url.url