Behavioral task
behavioral1
Sample
JaffaCakes118_61473ea30184f36aaeaab890b2de3490a98644c7056b870698d50814fdc5fd4c.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_61473ea30184f36aaeaab890b2de3490a98644c7056b870698d50814fdc5fd4c.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_61473ea30184f36aaeaab890b2de3490a98644c7056b870698d50814fdc5fd4c
-
Size
468KB
-
MD5
a040f253af8992f1ae6c54114d2eaa2e
-
SHA1
bdea96bcb782640053c6dba82b11a149c95876e9
-
SHA256
61473ea30184f36aaeaab890b2de3490a98644c7056b870698d50814fdc5fd4c
-
SHA512
ef003ce271138f841193fa3531f2781967abdb9674c08225cffd4318e5de71dc1edcb51b670cceb0aed1064884ef831092da6476e7e01c0fb9075afb4423460d
-
SSDEEP
3072:KExRaQ6raoCoCyz6/mqv1JR+yBtGOeaeWgiYqc5kExddxo5qWKWWf5rjg7ua2B:faO1tme++winc5PxXAqWKWWleuF
Malware Config
Extracted
azorult
�
Signatures
-
Azorult family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_61473ea30184f36aaeaab890b2de3490a98644c7056b870698d50814fdc5fd4c
Files
-
JaffaCakes118_61473ea30184f36aaeaab890b2de3490a98644c7056b870698d50814fdc5fd4c.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ