Errors

Reason
config extraction: sodinokibi: invalid character 'â' looking for beginning of value

General

  • Target

    JaffaCakes118_715e3ffc49539ad3a91994508eb7e02f8d1c3daa8961fd8562943f7276747786

  • Size

    504KB

  • MD5

    ec5c2abe250018cab19867940fad5404

  • SHA1

    9b34e93cb8d6c8ef97495c6b255dcfed79b66cf6

  • SHA256

    715e3ffc49539ad3a91994508eb7e02f8d1c3daa8961fd8562943f7276747786

  • SHA512

    2daca2852913dfa3b36a52384f6d395aea0c50cda4602e8f57f098d64dbceeccdcc64ff00bf13daa8c60b9321a73993b64764f010cfe7d0d2f9412b08979eb7b

  • SSDEEP

    12288:S06E8H8jnCcGvkGuKhI9roQMlQ3CWkC0:Sd9SnCdsMKpclQ3j

Score
10/10

Malware Config

Signatures

  • Sodinokibi family
  • Sodinokibi/Revil sample (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_715e3ffc49539ad3a91994508eb7e02f8d1c3daa8961fd8562943f7276747786
    .dll windows:4 windows x86 arch:x86

