General

  • Target

    JaffaCakes118_a65f1034b923e7e574b4fe72ab5be4e24fa18e48dd7c9e40bf44e28fda8d7a21

  • Size

    432KB

  • MD5

    5efb0a151579d57b1ca37a614fdfdc9c

  • SHA1

    d31b3c4970bbc0cf27062957cc3f4de896d858bc

  • SHA256

    a65f1034b923e7e574b4fe72ab5be4e24fa18e48dd7c9e40bf44e28fda8d7a21

  • SHA512

    1974c494882c23808ea48e4131c31bb4f8c2143e646deb3b0b964ce9a86c5489b70b48eac1a3bf2e428b2e9e9cd0bf2278365a30b3c9a22ef8809d1f5676f67e

  • SSDEEP

    12288:Udt56ehi/H9SDomjDBvMYojCmDu7legv5iB:ciXLDuv5i

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

208.67.104.97

85.31.46.167

Attributes
  • url_path

    ....!..../software.php

    ....!..../software.php

Signatures

  • Gcleaner family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_a65f1034b923e7e574b4fe72ab5be4e24fa18e48dd7c9e40bf44e28fda8d7a21
    .exe windows:6 windows x86 arch:x86

