General

  • Target

    057181275db94cb6a6c8f0b08e93e92c_JaffaCakes118

  • Size

    13KB

  • MD5

    057181275db94cb6a6c8f0b08e93e92c

  • SHA1

    b9dcb637b1cc6409fed53ca540bc795cef84b422

  • SHA256

    d25580d9ac62c7430c08067c8f5fcac6926644fffc9e830c52d7e9b3fbc0991e

  • SHA512

    27d0efda77a56fc56ef219416289bf34d024765f451e487e17455221dc15e72efe32bd5aa379a91ef92a930d6257b8fa5a69ce6a614ad3ef8f222be15e608baf

  • SSDEEP

    192:nrwHWjPwpjK9IBIdI5YvC9xuvvRUXVEEzuxHZ1NmA9zKbCneEWoI6qoAe:cHqPwpYISvCuBUXVdzqZOAECeuRqq

Score
10/10

Malware Config

Signatures

  • ModiLoader Second Stage (1 IoC)
  • Modiloader family
  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 057181275db94cb6a6c8f0b08e93e92c_JaffaCakes118
    .dll regsvr32 windows:4 windows x86 arch:x86



  • out.upx
    .dll windows:4 windows x86 arch:x86

