General
-
Target
ea9cf7029e654144a3601a01a1684648_JaffaCakes118
-
Size
43KB
-
MD5
ea9cf7029e654144a3601a01a1684648
-
SHA1
34102c2948e4c34f15490a9423b68b868198b1b3
-
SHA256
1be009a5dfba5815288ad6b2aa9393b28a0e6c40d37bfc23a18960145ae488b4
-
SHA512
0e63b2318f3cc520bf1e58c2b457f10293df47b9040f2b226370f39e5177f556250684760fc0506516014638f2836a8745dd06f59f5ffebec4c8f3c96e8b698d
-
SSDEEP
768:JLXMHmIbDtkzWvep7Kmi+n+QBXAv4ICjbnyukiJdhC4WcCFvXxeXrxIc:VMHmI3lva7Ti3QsoPnjRTkBsxH
Score
9/10
Malware Config
Signatures
-
Detected Nirsoft tools 1 IoCs
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
ea9cf7029e654144a3601a01a1684648_JaffaCakes118
-
OperaPassView.chm
-
OperaPassView.exe
Headers
Sections
-
out.upx
Headers
Sections
-
readme.txt