General

  • Target

    1c084e116a63a8eeff572ffbb40d7e60_JaffaCakes118

  • Size

    210KB

  • MD5

    1c084e116a63a8eeff572ffbb40d7e60

  • SHA1

    e113e2a9504f07c0f8cc4c8d1eb167b029a54cae

  • SHA256

    c439801dd10f208ac9ace5b3de3c7bf153bed8a1c7e43cb12983689c96038ebd

  • SHA512

    04f415911a8d72f21b3f512f96fcc65594047a71444379f63f8c0a604d626257e5f08232e5bc7403ce30b0c0df121e64f36a62b0b51a459a1f4dab6bbd543877

  • SSDEEP

    6144:DBYHJKsR5jmnxHDLsB/IfllKLIjiRXop/+MYr:DKpfGxHDL4/ItlKLt6+hr

Score
10/10

Malware Config

Signatures

  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 1c084e116a63a8eeff572ffbb40d7e60_JaffaCakes118
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

