General

  • Target

    JaffaCakes118_a545c0a493172df6e9e6d727c798ba6f47d64677d52c63ff76623044f21284aa

  • Size

    750KB

  • MD5

    56451a033bbc59144c6a29ca007dd385

  • SHA1

    e8f54e8907c3f03aab16e3dfef00813a8420def7

  • SHA256

    a545c0a493172df6e9e6d727c798ba6f47d64677d52c63ff76623044f21284aa

  • SHA512

    888d421b36f62efb305fee5173f6005f6f5c8453a3e8dbc481f759e991bd77faa7cb0419390899424a13c449ac21b7dc42d363a57fda6dad4b9def29e0757d30

  • SSDEEP

    12288:qNQLuCMrW1oNt0ZXJJgY2eEPmcT/wvfrW64fx7w8KuwPeRRQId:1Ur5N+JgpO0wC3O8TN3QId

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_a545c0a493172df6e9e6d727c798ba6f47d64677d52c63ff76623044f21284aa
    .zip

    Password: infected

  • DCRAT.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

