General
-
Target
60a964d13451609e3876563a0e05c05b_JaffaCakes118
-
Size
37KB
-
MD5
60a964d13451609e3876563a0e05c05b
-
SHA1
03ef5c24fbd83efbb1fdd2c69c3f25de93253e9a
-
SHA256
8f336b6bdb2d84e0af4b6208267baed08a54328a3833aa738791381f761d29cc
-
SHA512
a5883fdc1d9406df7cd018a145443ad6a4d328013d3e1e5d12aea601efecc55ff2b6da3ee65a9605d9bbae662eb04c997f2a2822b63b340d692cb5674d4d2ac3
-
SSDEEP
768:wrL9NL9pZmIn9tqhcs0D36WSfJ8PKHZS5Zr4kustEqX4YEq0YIgu:osIn3kcs0D36WSfDZSH7QVq0cu
Score
9/10
Malware Config
Signatures
-
Detected Nirsoft tools 1 IoCs
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
60a964d13451609e3876563a0e05c05b_JaffaCakes118
-
URLProtocolView.chm
-
URLProtocolView.exe
Headers
Sections
-
out.upx
Headers
Sections
-
readme.txt
-
新云软件.url