General

  • Target

    f0a1496395b403f5863f61cb47e74582_JaffaCakes118

  • Size

    250KB

  • MD5

    f0a1496395b403f5863f61cb47e74582

  • SHA1

    6ae90c21a4bc1b481720d11cad5eb80b439b9966

  • SHA256

    1a3b55462fa77e273a6be7b24e72b5490f463fc2d8ce036ae52bb83da713d705

  • SHA512

    9f84efde19c23459de3fd871150e637e5b42a0ba81e796c18f71388b98fbe5b813dd22f56ee271ea3f3f91e9b843d87b1d1c2e0eaa6462cbb3135022e9d8f2e3

  • SSDEEP

    6144:VxZAHwvfNt+AI4sg5zCg/DHPGdtP1bWXx6fOv/iEOcf:mH+t++X5zC6DedtQh/7rf

Score
9/10

Signatures

  • Detected Nirsoft tools 1 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • NirSoft MailPassView 1 IoCs

    Password recovery tool for various email clients

  • NirSoft WebBrowserPassView 1 IoCs

    Password recovery tool for various web browsers

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f0a1496395b403f5863f61cb47e74582_JaffaCakes118
    .rar
  • CyberghostVPN Premium (CRACKED).exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

