Overview

overview

3

Static

static

3

WINDOWS/Mi...st.exe

windows7-x64

1

WINDOWS/Mi...st.exe

windows10-2004-x64

1

WINDOWS/Se...st.exe

windows7-x64

1

WINDOWS/Se...st.exe

windows10-2004-x64

1

WINDOWS/sy...st.exe

windows7-x64

1

WINDOWS/sy...st.exe

windows10-2004-x64

1

svchost.exe

windows7-x64

1

svchost.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    241dcd20f45ac73d3cc1a5eb7832a93b_JaffaCakes118

  • Size

    82KB

  • MD5

    241dcd20f45ac73d3cc1a5eb7832a93b

  • SHA1

    89d2e0d6132b5eeb212796c5fd575b3dfdc1146a

  • SHA256

    5aeaecfc6ffd20fcea92ebdfdfc0e31568813d5492bf8006e1872563a35c20c8

  • SHA512

    43a9c47bf4ee532b574fe97ea8d7d37148353c25c72af8f1a54bbb261397fe4dd11030f5b8f62ddca4b90dcfb389025e1193d1afdda197b67d433faa58e2714d

  • SSDEEP

    1536:HsZbGkn0i/O9KN5Wij72iJK9RNaWqpcMxkuyPdaAKMKdmaoma4jHgKm8tEVO:IyPKHVMaWgcMAPIAKMoVTgf8tEVO

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 241dcd20f45ac73d3cc1a5eb7832a93b_JaffaCakes118
    .rar
  • WINDOWS/Microsoft.NET/Framework/v3.0/Windows Communication Foundation/SMSvcHost.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • WINDOWS/Microsoft.NET/Framework/v3.0/Windows Communication Foundation/SMSvcHost.exe.config
    .xml
  • WINDOWS/Microsoft.NET/Framework/v3.0/Windows Communication Foundation/_SMSvcHostPerfCounters.h
  • WINDOWS/Microsoft.NET/Framework/v3.0/Windows Communication Foundation/_SMSvcHostPerfCounters.ini
  • WINDOWS/Microsoft.NET/Framework/v3.0/Windows Communication Foundation/_SMSvcHostPerfCounters.reg
  • WINDOWS/Microsoft.NET/Framework/v3.0/Windows Communication Foundation/_SMSvcHostPerfCounters.vrg
  • WINDOWS/Prefetch/SVCHOST.EXE-3530F672.pf
  • WINDOWS/ServicePackFiles/i386/svchost.exe
    .exe windows:5 windows x86 arch:x86

    7a06bdb902da41a74668875a6c42864b


    Headers

    Imports

    Sections

  • WINDOWS/system32/svchost.exe
    .exe windows:5 windows x86 arch:x86

    7a06bdb902da41a74668875a6c42864b


    Headers

    Imports

    Sections

  • i386/SVCHOST.EX_
    .cab
  • svchost.exe
    .exe windows:5 windows x86 arch:x86

    7a06bdb902da41a74668875a6c42864b


    Headers

    Imports

    Sections