General

  • Target

    4acc3997d90c1bd1118aa9c336db7aa0_JaffaCakes118

  • Size

    39KB

  • MD5

    4acc3997d90c1bd1118aa9c336db7aa0

  • SHA1

    0d265d1d8a3f63d54ab3f26d95198638627841c7

  • SHA256

    04e1b3727a8ae621b6ec3ac90fa3093f615c88887fa8bfb68a458c45b34d256e

  • SHA512

    9c18d71d138c2e63110934e55b8cfa3ed6bd30c75bd30fbb9ef8df2a03dca69e28ae79c9b5b036d18afbb529902c50bd8159430ebbab6d1706ffedc66fa2d115

  • SSDEEP

    768:nhRKiB+VmLT8FLNl9jdK6YcQgD+ZKvIwclWzTTqbnX7nIfn17lbGgGU:hRKe60Ap9AijQKEnIf/CDU

Score
9/10
upx

Malware Config

Signatures

  • Detected Nirsoft tools 1 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 4acc3997d90c1bd1118aa9c336db7aa0_JaffaCakes118
    .rar
  • readme.txt
  • serviwin.chm
    .chm
  • serviwin.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • 新云软件.url
    .url