General

  • Target

    dcfde5b1207a73d94f139bb9c015a3b5_JaffaCakes118

  • Size

    50KB

  • MD5

    dcfde5b1207a73d94f139bb9c015a3b5

  • SHA1

    790b59bae2f4b63ad0d87080656a0f4041f68025

  • SHA256

    e9abb443e0f5551569fee90189bd882c56342ed25de0bff99fe3714c321dcdb0

  • SHA512

    5110e94ed8662674edb28150f05fff9dbe89cbce18dcdec12c9ff10e85b523ecc318aea46ad818791f8f6303f221c4914f1516ca80823894f13f45d893dd07d7

  • SSDEEP

    1536:/FqUhvyM2Zs7Y+slBHWsdPi2GlJ1gxHvekK:/Fdh6M2Zs7sv2QhWj

Score
9/10
upx

Signatures

  • Detected Nirsoft tools 1 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • dcfde5b1207a73d94f139bb9c015a3b5_JaffaCakes118
    .rar
  • myeventviewer/MyEventViewer.chm
    .chm
  • myeventviewer/MyEventViewer.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • myeventviewer/readme.txt