Behavioral task: behavioral1
Sample: CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/Cisco Password Revealer.exe
Resource: win7-20240705-en
General
Target: a0a05328528ad09e44f61affdd0d01f5_JaffaCakes118
Size: 151KB
MD5: a0a05328528ad09e44f61affdd0d01f5
SHA1: e82ee264c48555ec8c24ad742e9412d9459fc1fb
SHA256: 14ebe74f3641bb1123c4fcdb48e20eb926b0321a6ddc62a7ceb6aa5c7dc12ec2
SHA512: e840c4af810952a990cd7a765ad37019cbe3676a2c39bd7d9d3a8c29e1a1558888c15175f027bb9444a68f6b358093680cccc913dcf4b0ba8f007c18eff8aa21
SSDEEP: 3072:8+egVZgOd9etJgk5V2qXKCOTmGwGRd85GiGgTuf5hxbm9dWU9:8AWOj+gWK0Yd85BGNzwa6
Malware Config
Signatures
-
resource yara_rule static1/unpack001/CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/Cisco Password Revealer.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/Cisco Password Revealer.exe
Files
-
a0a05328528ad09e44f61affdd0d01f5_JaffaCakes118.rar
-
CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/Cisco Password Revealer.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 116KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 154KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswdDecoder.cpp
-
CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswdDecoder.h
-
CiscoPasswordRevealer/CiscoPasswordRevealer/CiscoPasswordRevealer/readme.txt