General

  • Target

    JaffaCakes118_9160c4962d732d3bedfbb9da1634c2393b6564fc5b1f8a1ce62de5a4ed172e8b

  • Size

    567KB

  • MD5

    0ca38bd4a3bea8fe36c7433d1d86a90b

  • SHA1

    2221a3c0cc49dc5b97ca36b3a4959424f93ed69f

  • SHA256

    9160c4962d732d3bedfbb9da1634c2393b6564fc5b1f8a1ce62de5a4ed172e8b

  • SHA512

    6ea4ce128f39192cd2c32041e021e1fd2e89baa779a44ba8e113999ee4665f9eaefee3bd803b7e46e43323492431506e2cc067094e1cf668fc1264e6f398d8aa

  • SSDEEP

    12288:64BR71eFL+FzE4b5dg8+7oN4gW/PppxPqGgXCjvEFdSLZPTvy:64BneFL+F1b5dIaW/zxPsyTidqNvy

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_9160c4962d732d3bedfbb9da1634c2393b6564fc5b1f8a1ce62de5a4ed172e8b
    .zip

    Password: infected

  • d049ba3a6580d17ca24a05f41830f837879dede720e2c9b20b113cb073ec86f8
    .vhd
  • out.vhd
    .vhd
  • $RECYCLE.BIN/desktop.ini
  • BXA09QOPKJHVRFVU_001_PDF.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • RWVQ04HDJSNYKSDF03BD_002_PDF.vbs
  • System Volume Information/WPSettings.dat