General

  • Target

    83ba02c59641d3dd639a62398677e191_JaffaCakes118

  • Size

    71KB

  • MD5

    83ba02c59641d3dd639a62398677e191

  • SHA1

    ea008f0e985f19403683f8958053011d0a46ef83

  • SHA256

    e0ec362f4e8bb86e5a6232a73c39d9b94abc679550421f1ac658c742a02048f1

  • SHA512

    5373f0fdec81adb8ae5f0b2bdebdf3f3466dd4f447b773b2614bda32be0bda87d162e81bec65e69ff30bb2f34b3df99b4962fa4aa8817aa046ad4150c6ef3891

  • SSDEEP

    1536:ZOh/N8Dn5YLafiZIY50GMjDXXNqQAmpMNW+pmuLZuvyYI8G1PD:s18Dn5+aKR5079Z+W+vwNK

Score
9/10
upx


Signatures

  • Detected Nirsoft tools 1 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 83ba02c59641d3dd639a62398677e191_JaffaCakes118
    .rar
  • mspass.chm
    .chm
  • mspass.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • readme.txt
  • 新云软件.url
    .url