General

  • Target

    ab327c1a0e45ae56284efc2c7c12ec61_JaffaCakes118

  • Size

    6.0MB

  • MD5

    ab327c1a0e45ae56284efc2c7c12ec61

  • SHA1

    8063ee55064bcb3ae15caf4d3717b903fa793482

  • SHA256

    aa17b5c0e4a8abddecfe3e539a4fe9a00de60c47d3f2decb8a6570473a227cc6

  • SHA512

    2819c6e44be612f376a1a63727a7949d90041aece75d0af9ea7115900c72c5466f1267e284417453d6cbc90ecb2a92665290b5a5c450e82b92d675e00fbcf8b9

  • SSDEEP

    98304:5R9DnYvY1gYZ0N7KkBwpRCeoL5EF0J7ZJy7WOW8VQpweXBSbHqaQrxF90tAhOug:5RmvY1gyA7KgwpRClL4gtjOPVQpwipxc

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • ab327c1a0e45ae56284efc2c7c12ec61_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0



  • $EXEDIR/HandVisiting.dat
  • $EXEDIR/NSIS.png
    .png
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    f2ac1ab587d5531d5f1bf76c094aef4c



  • $PLUGINSDIR/com_plugin.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    9d1ed9fb75452073b14612fd8b78163a



  • $PLUGINSDIR/fwp.dll
    .dll windows:6 windows x86 arch:x86

    5adf03fd9078d1d2222c4d8d3a163a93

