@WndListDlg$qpvuiuil
@WndProc$qpvuiuil
__GetExceptDLLinfo
General
-
Target
41a485e69cd19944feabc0eb5e18b990_JaffaCakes118
-
Size
654KB
-
MD5
41a485e69cd19944feabc0eb5e18b990
-
SHA1
92ccf60808782ce0e44d31ba936521c5bcaeedc3
-
SHA256
abbd19c4017583cb994dc490d709a69336b0bfbb4a3557979afc3e89f7b6ec6d
-
SHA512
2182062a06315e7b0900f7f5310b945dd121a41db8d0ff51353ea46d97ccefa43d83f60cfa0f3754c322e66b3c91e3e9db00dac03603e1eb1e0b4bc797275ed4
-
SSDEEP
12288:N01t15XOxB+Tg2hpAttf+XaWPZNvQC41Xzm/68A5+b5h12TsMOcbw00MFnUXb:y31MXXGOtfCbPZNvQCUzN5+v12Yk0Ins
Score
9/10
Malware Config
Signatures
-
Detected Nirsoft tools 2 IoCs
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView 1 IoCs
Password recovery tool for various email clients
-
UPX packed file 3 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 6 IoCs
Checks for missing Authenticode signature.
Files
-
41a485e69cd19944feabc0eb5e18b990_JaffaCakes118
-
bos3od
-
dial.com
Headers
Sections
-
out.upx
Headers
Sections
-
email.com
Headers
Sections
-
out.upx
Headers
Sections
-
hide.exe
Headers
Exports
Sections
-
meshal
-
mutairi.exe
Headers
Sections
-
nicks.mf
-
o1o2o3o4