JaffaCakes118_7b74117a34e84a659a35437ab43b27c55f129c1717f92b116dc5533c27bdbc5a

General

Target

JaffaCakes118_7b74117a34e84a659a35437ab43b27c55f129c1717f92b116dc5533c27bdbc5a
Size

965KB
MD5

291b2906ea58460df28b58f2029c1cf5
SHA1

c8e969ddaa78217f39bc49011e50ef5fd8bc5133
SHA256

7b74117a34e84a659a35437ab43b27c55f129c1717f92b116dc5533c27bdbc5a
SHA512

dfd780f8081251c7dd83ea107452a03149a576e3ea80a6c2ec1f6344fccd8d10022d9e857a51e2cc39d45656937495cb8bc3428967717f8b85a8296ac7690eab
SSDEEP

24576:BeJW6QzPdnqsp8Bx/NvfI7LBT9j6Ny9IjOOCr/M:BN6Qz1qspux/paZI7ZCDM

Score

9^/10

Detected Nirsoft tools 1 IoCs

Free utilities often used by attackers which can steal passwords, product keys, etc.

resource	yara_rule
static1/unpack001/Vape V4 Crack.bin	Nirsoft

NirSoft MailPassView 1 IoCs

Password recovery tool for various email clients

resource	yara_rule
static1/unpack001/Vape V4 Crack.bin	MailPassView

NirSoft WebBrowserPassView 1 IoCs

Password recovery tool for various web browsers

resource	yara_rule
static1/unpack001/Vape V4 Crack.bin	WebBrowserPassView

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Vape V4 Crack.bin

JaffaCakes118_7b74117a34e84a659a35437ab43b27c55f129c1717f92b116dc5533c27bdbc5a
.zip

Password: infected
Vape V4 Crack.bin
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ