General
-
Target
f0847541f03c1dc5c5f9c1b608eec603_JaffaCakes118
-
Size
185KB
-
MD5
f0847541f03c1dc5c5f9c1b608eec603
-
SHA1
6988c72bd89ff705f59354ace99942b7d3f5150b
-
SHA256
b12990f6bdde4a3a15371a30f21ee874c3447feeb13816e375a429a40fa79217
-
SHA512
c9fc47fe6cd9bc546022db517a00a6b0fd1abac5ac71b64dcd317359e3a7a02c9053e9f782d5f46db0f3c97162721dfad2880ab33ce51c8d07fc7f96574084a4
-
SSDEEP
3072:Ln0UwJEec1l4UFkX5NuwdS583AhR+hHIoguKyUxyAY9+rElstX/sJ102Lqag:pwJRY3kpwwoiyWoj5yUd2sVGDx
Score
9/10
Malware Config
Signatures
-
Detected Nirsoft tools 1 IoCs
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft WebBrowserPassView 1 IoCs
Password recovery tool for various web browsers
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
f0847541f03c1dc5c5f9c1b608eec603_JaffaCakes118
Headers
Sections
-
out.upx
Headers
Sections