General

  • Target

    b1c5a88d32eaa3423576f31445413b37_JaffaCakes118

  • Size

    1.4MB

  • MD5

    b1c5a88d32eaa3423576f31445413b37

  • SHA1

    29f760c739630b0dc75ad376c46ecac6bff87da3

  • SHA256

    674036a975467ebf675e7240947f4206c693ef68e125c71e1e410d33aae2f12c

  • SHA512

    7b1a3b574c1f687de2dbc6394360e8534e44062c4018b60dfbb0d265a7167dc495dfca925fe2806ed484e6278ed81064e666780e4593a669eb9ca40d9674add2

  • SSDEEP

    24576:bLmqqqHPAK1Ms/0sWAVGBPgbLbhSnCWcW+WlxLfCGHujAJ19HOB1YY1Hx6HiLnzP:Xmq5PRSS0/PgzhSZGaxJOjE+YY1R7za0

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs

Files

  • b1c5a88d32eaa3423576f31445413b37_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    beac00040f308ee74c120abfb8e8caa5



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    867739591d673abc7dd57977d4eee0ac



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsis.ini
  • $TEMP/VirtualDub.exe
    .exe windows:4 windows x86 arch:x86

    bc5ce990cf54f8d435a68eb97512f73e



  • $TEMP/modern-wizard.bmp