General

  • Target

    cd8e9980df2a7591fb2565f665182f3d_JaffaCakes118

  • Size

    520KB

  • MD5

    cd8e9980df2a7591fb2565f665182f3d

  • SHA1

    9bcfa03a00e55ee80636a0183cd88beff1b58d8e

  • SHA256

    67e5ebf48c32e30d50a7183eea0f2dc0a59db7ba0fa4342beab0594598fc5d42

  • SHA512

    efa65c6fd371c6562e0e83d40e32dbc6fdf616e5f7aabcac9577794af7d57fb08d7baddaa3f443f6e57a6e099bd735545610bbd480424d6f5d1e830d2c3773c0

  • SSDEEP

    12288:0RfQn+w8EYiBlMkn5f9J105ko8T6csVec:g4+wlYBsb3zNs9

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • cd8e9980df2a7591fb2565f665182f3d_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    4511896d043677e4ab4578dc5bcab5a0

