General

  • Target

    f9d296b72fbbe1b335229e362e9b983b_JaffaCakes118

  • Size

    48KB

  • MD5

    f9d296b72fbbe1b335229e362e9b983b

  • SHA1

    70b680a251cf28f3c2f83f767443c0d5979e57a1

  • SHA256

    f165cfffbc2438a7eba947601883dd57386cd5960bfabdd6c3a5f735fa2721ae

  • SHA512

    d282df4dc0a50118fccd41be7bf185c42c438c6ff0041426cdaa3175dece4d6b6a07214d371094a9a33cbd51077d54bb48a6ee961eaa1bb4dfc8585a2384aee5

  • SSDEEP

    1536:bBJHGJwtlGNpA48fuE7iwc2hpjZ5wT5ntt0:b/Cg66mE7iwmC

Score
9/10
upx

Malware Config

Signatures

  • Detected Nirsoft tools 1 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • f9d296b72fbbe1b335229e362e9b983b_JaffaCakes118
    .zip
  • ProduKey.chm
    .chm
  • ProduKey.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • ProduKey_lng.ini
  • SOFT-WARE.NET Download.url
    .url
  • readme.txt