General

  • Target

    033500a38824211c78c201a3cf515692_JaffaCakes118

  • Size

    159KB

  • MD5

    033500a38824211c78c201a3cf515692

  • SHA1

    9a5a409265d5346f2e55373db331ebf158888e59

  • SHA256

    daf0f192bd6560a67a52255690186169d08f50081a821f7ae5bb7fb263764eda

  • SHA512

    78318f76fcee849e831c58fef651175b1180f63c4517dca98a2906aa597eb854ecbfc971f1392f9cfd2ca3e374e511bb71e0b322757d85d151df0264a27e8d99

  • SSDEEP

    3072:d22ihA0m3BJf0A8TRgQTRNfAmluq0qY/C9e4dB:mA0m3T0A+RgkEk/6C9ei

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs

Files

  • 033500a38824211c78c201a3cf515692_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    28a099a911237a28521d8b7ea250f089



  • $TEMP/biclient.exe
    .exe windows:5 windows x86 arch:x86

    b8d007ed3e4042c6c59608a270f27c92



  • $TEMP/config.ini