General

  • Target

    ed25a37370c2bf0cb686d9f34f87ec16_JaffaCakes118

  • Size

    3.9MB

  • MD5

    ed25a37370c2bf0cb686d9f34f87ec16

  • SHA1

    46776a051ec23c84985610f8735f23c131133c5d

  • SHA256

    e00e8fae03f147fab75eea6ed7293916402a1cb5a1de82efebdd524038a0fe26

  • SHA512

    88b70fb2910abce357ee2df4002b2dc307c5d9811cae17c5f2b1dd539cf41ddfcbf897f270bbd3629f2a9d2f8d43477fcf6da30bdba96837e69f9a4a96656cce

  • SSDEEP

    98304:i77Pmq33rE/JDLPWZADUGer7B6iY74M/fUmlwXVZ:k+R/eZADUXRI

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

23.105.131.193:100

Attributes
  • communication_password

    75f4758d6278650aace9b508615a308b

  • tor_process

    tor

Signatures

  • Bitrat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ed25a37370c2bf0cb686d9f34f87ec16_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

