General

  • Target

    6f6df11c0814860cc5a4fe7a9db87cc9_JaffaCakes118

  • Size

    321KB

  • MD5

    6f6df11c0814860cc5a4fe7a9db87cc9

  • SHA1

    539bbcc5ec63af4255a65e20ffb1352338cf41d2

  • SHA256

    304a2a17f482efca5e8a9e59b7e17f0f7cbd3bce77680f72ef079a81eadab70c

  • SHA512

    82bf7779e05bd6a734e51747f8fa8f879853c9869f88ecc0f7bf6bf13aeacdd47e7c506b9dde688c955c1f688f2889f8a8c92d263fcb411ec8663a43fe6ce31c

  • SSDEEP

    6144:Fy9xbRMPI1qIELTUbTvfjstzx6UqUxaUWEN:Fwi

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender 1 IoCs

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6f6df11c0814860cc5a4fe7a9db87cc9_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections