General
-
Target
5d80745c0d5d66e639dd3bd728466479_JaffaCakes118
-
Size
50KB
-
MD5
5d80745c0d5d66e639dd3bd728466479
-
SHA1
876414f9714c177f3ca1c5a52088ca34d4dd16df
-
SHA256
5f9ec59b10378f74c12e2cca70065e0e2a41c73e5916defae57f8a09ca7fb7e4
-
SHA512
1db1a49de07b3849daad2f3b759ff034ccaaf78607cc689601626c6b6f1fa7990984bed23aa7edba9a6e6d4d6205311f885ed3f6b35aec95c753193eb30255ce
-
SSDEEP
768:A6Re7EGVFBJx4X17BhofFEzPOTTh35ovC1j5rK5d93MBMOKhBJ/3oahM9JQCG/vk:SVBy/hyhTh3s2jcP9zJh8HG/c
Score
9/10
Malware Config
Signatures
-
Detected Nirsoft tools 1 IoCs
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView 1 IoCs
Password recovery tool for various email clients
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
5d80745c0d5d66e639dd3bd728466479_JaffaCakes118
Headers
Sections
-
out.upx
Headers
Sections