General
-
Target
11493a1da230f7098dcd5f0473a79d15_JaffaCakes118
-
Size
1.2MB
-
MD5
11493a1da230f7098dcd5f0473a79d15
-
SHA1
09b5c0bb423ebea0893179b544b6a82275d4575b
-
SHA256
700acfcab52626728ef7d5d7553f1f18c0bc43ef41040785c9597adbf50794f6
-
SHA512
0d5c2f98146a3247bba8f5378194d08fcc3e78e5a322eddb44bfed3a5a90e2feb49db860f1f174fee96b57dc1d60a5945caf56cc376f5b17065d65cfa4c6d030
-
SSDEEP
24576:nw8Bcb2NK2QsCGMnlilAvuvDep9JqiFjIciDq99Ue2C00ddHcPMrkDja3tg:pNlC3UAmvDep9JqqjliDq92ej0+d8Pgu
Score
9/10
Malware Config
Signatures
-
Detected Nirsoft tools 1 IoCs
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView 1 IoCs
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView 1 IoCs
Password recovery tool for various web browsers
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
11493a1da230f7098dcd5f0473a79d15_JaffaCakes118
Headers
Sections
-
out.upx
Headers
Sections