Overview

overview

9

Static

static

9

c976f6f57f...18.exe

windows7-x64

9

c976f6f57f...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c976f6f57f951851324ba5a9a083d820_JaffaCakes118

  • Size

    472KB

  • MD5

    c976f6f57f951851324ba5a9a083d820

  • SHA1

    97998a00bcf9367a59ad4262042321466bc8332d

  • SHA256

    21a9a430409deac05dce7c4e123dc64bb3cb2918ae5f3fbc9fa1f0b86ca0f93c

  • SHA512

    dd052ba3d8acd9e3c967ef3f1549728273a3e6127525fdb849c939c96aa9e058454fdf67881165bc44410add79e8cfbe52723ece5a815e4d087047a8743588c9

  • SSDEEP

    6144:0YNBIo/aW+80+9L8QfBxvum0/6hDGTaFFEm9LNizvz0iewK6uw/l11Y43ogjPbg:Ap+9L8cvu3/kDRb9LUXhD9TLNj

Score
9/10

Malware Config

Signatures

  • Beds Protector Packer 1 IoCs

    Detects Beds Protector packer used to load .NET malware.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c976f6f57f951851324ba5a9a083d820_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections